Disable Rules- Actions no longer needed in GRC RAR

Former Member
0 Kudos

Hello together,

Requirement: Disable Rules in RAR 5.3

There is a particular Risk ID: F029, where it has the below Conflicting Actions to be Disabled in RAR 5.3

- Post Outgoing Payments (F-31) and Enter G/L Account Posting (F-02)
- Enter G/L Account Posting (F-02) and Post with Clearing (FB05)
- Post Outgoing Payments (F-31) and Post Document (FB01)
- Post with Clearing (FB05) and Post Document (FB01)
- Post Outgoing Payments (F-31) and Post with Clearing (FB05)
- Post with Clearing (FB05) and Post with Clearing (FB05)
- Post Outgoing Payments (F-31) and Reverse Document (FB08)
- Reverse Document (FB08) and Post with Clearing (FB05)
- Post Outgoing Payments (F-31) and Post Document (FBR2)
- Post with Clearing (FB05) and Post Document (FBR2)
- Post Outgoing Payments (F-31) and Reverse Cross-Company Code Document (FBU8)
- Post with Clearing (FB05) and Reverse Cross-Company Code Document (FBU8)
- Post Outgoing Payments (F-31) and Post Parked Document (FBV0)
- Post Parked Document (FBV0) and Post with Clearing (FB05)


When I checked the relevant functions underneath the listed Actions, they are contained in the Functions (AR01 & GL01).

I have listed out the common Actions and listed out the functions:

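| Risk ID | Actions | Function ID |
|---------|---------|-------------|
| F029 | F31 | AR01 |
| F029 | F02 | GL01 |
| F029 | FB01 | GL01 |
| F029 | FB05 | GL01 & AR01 |
| F029 | FB08 | GL01 |
| F029 | FBR2 | GL01 |
| F029 | FBU8 | GL01 |
| F029 | FBV0 | GL01 |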

Performed the below steps to disable the Actions:

Rule Architect-> Functions-> Search-> Function ID-> E.g. AR01-> Search-> Change-> F-31-> Disabled.

*Issues*:

When I disabled the Action F-31, I noticed that all other risks (apart from the list given above) were also being disabled and got escalated, as Action F-31 was in conflict with other Actions and functions.

Inputs Required:

Therefore, could anyone suggest how to disable only the listed combinations of Actions in RAR? When I checked through my analysis, there was no option to individually disable the Rule IDs.

Do I have to create and build the complete Rule Sets again? Can anyone suggest the next steps that need to be done for these actions to be disabled?

Thank you

Regards

Sridhar

Accepted Solutions (0)

Answers (1)

Former Member
0 Kudos

Dear Sridhar,

We also faced the same issue. It is difficult to disable the rule ID, as we can only disable the action or risk, and it will remove the remaining conflicts also.

As a workaround, we identified the Rule IDs of these conflicts, e.g., FB02 vs FB02 - Rule ID: F02827401, and assigned a false positive mitigation control to these IDs. Whenever conflicts are thrown for users or roles, this mitigation control will be assigned to these Rule IDs.

This will be difficult during maintenance but we found it is a better solution than redesigning the entire rule set.

Thanks and Best Regards,

Srihari.K

Former Member
0 Kudos

Hello Srihari,

Thank you very much for your inputs on mitigating the Rule IDs.

Even I am finding it difficult to redesign the entire rule sets.

I tried to create a mitigation ID in Dev, but I didn't find an option to restrict it to only the Rule ID, e.g. F02906J01. There was only an option to insert the Risk ID: F029, which would again mitigate the complete risks.

Could you please guide me through the steps on how to create a mitigation ID only for the Rule ID: F02906J01?

Thank you

Regards

Sridhar

Former Member
0 Kudos

Dear Sridhar,

You can provide the rule ID F02906J01 in place of the Risk ID while creating the mitigation controls. This will work only for that rule and not for the whole risk.

Thanks and Best Regards,

Srihari.K

Former Member
0 Kudos

Hello Srihari,

Thanks again for your valuable time and inputs, but again when I try to mitigate the Rule ID, I am not able to find an option to restrict it to only the Rule ID, as when I chose the Rule ID F0296j001, it gives the option of the complete Risk ID (F029).

Can you please provide me your email ID, so that I can send you the screenshots of the error message?

This site does not support attaching screenshots, and the only option is to send you an email with the screenshots of what I am performing.

Thank you

Regards

Sridhar

simon_persin4
Contributor
0 Kudos

Sridhar,

In the mitigation control definition, if you search for the risk using the in-field selections, it will probably only give you down to the risk level. However, if you know the rule ID itself, then you can manually enter it into the field to mitigate specifically at the permission rule level.

I must admit that whenever I have wanted to remove the check for a specific action / function, I have always amended the ruleset accordingly.

I tend to advocate management of the rulesets via upload so it is a case of manipulating the contents outside the system and then uploading it again with the functions defined appropriately.

Simon
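The side effect discussed in this thread, as an added example that is not part of any post: a simplified model in which each risk pairs two functions and rules are the cross product of their actions, used to check what else is lost before an edited ruleset is uploaded. The F029 data comes from the table in the first post; risk `X999`, function `XX01` and action `ZZ01` are constructed placeholders, and the model is not RAR's own logic or file format.

```python
from itertools import product

# Function -> actions. AR01 and GL01 are from the table in the first post;
# XX01 / ZZ01 are constructed placeholders for illustration.
FUNCTIONS = {
    "AR01": {"F-31", "FB05"},
    "GL01": {"F-02", "FB01", "FB05", "FB08", "FBR2", "FBU8", "FBV0"},
    "XX01": {"ZZ01"},
}

# Risk -> pair of conflicting functions. F029 is from the thread;
# X999 is a constructed risk that reuses function AR01.
RISKS = {
    "F029": ("AR01", "GL01"),
    "X999": ("AR01", "XX01"),
}


def generate_rules(functions, risks):
    """Expand every risk into action-level rules (risk, action_a, action_b)."""
    rules = set()
    for risk, (func_a, func_b) in risks.items():
        for a, b in product(functions[func_a], functions[func_b]):
            rules.add((risk, a, b))
    return rules


def disable_action(functions, function_id, action):
    """Return a copy of the function table with one action removed."""
    changed = {f: set(acts) for f, acts in functions.items()}
    changed[function_id].discard(action)
    return changed


def impact(functions, risks, function_id, action, intended):
    """Split the rules lost by a function-level change into intended/collateral."""
    before = generate_rules(functions, risks)
    after = generate_rules(disable_action(functions, function_id, action), risks)
    lost = before - after
    return lost & intended, lost - intended


def demo():
    # The 14 F029 pairs listed in the first post are the intended removals.
    intended = generate_rules(FUNCTIONS, {"F029": RISKS["F029"]})
    return impact(FUNCTIONS, RISKS, "AR01", "F-31", intended)


if __name__ == "__main__":
    wanted, collateral = demo()
    print("intended rules removed:", sorted(wanted))
    print("collateral rules removed:", sorted(collateral))
```

Running the same comparison on the exported ruleset before and after an offline edit shows whether a change stays within the pairs that were meant to be removed.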

Former Member
0 Kudos

Hello Simon and Sri Hari,

I regret the delay in replying, and I am very thankful for your suggestions.

I have manually added the Rule Ids under the newly created Mitigating Ids. I followed the below steps:

1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)

2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209

- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.

Issue:

Once I had assigned all the users by mapping the Rule IDs to the mitigating IDs, I extracted the report: Informer Tab-> Risk Analysis-> User Level and chose to Exclude the Mitigated Risks.

The issue is that in the extracted report I can still VIEW the mitigated users list, and the clients are questioning why these users are still showing when they have been assigned to false positive mitigating IDs.

I request you to kindly provide your inputs and thoughts on how to exclude these mitigated users from the reports.

Thank you

Regards

Sridhar

Former Member
0 Kudos

Hello Simon,

Can you please provide your inputs on how to exclude the false positive users from the user analysis reports?

Your timely response shall be highly appreciated.

Thank you

Regards

Sridhar

Former Member
0 Kudos

Hello All,

I am looking after an issue where the client wants a permanent solution where the rule IDs were falsely mitigated before. I am thinking that if I can remove the conflicting transaction from a rule, then we can get a permanent solution. Could you please provide any detailed guideline for the issue?

Former Member
0 Kudos

Hi Sridhar,

As you mentioned the below steps you followed are:

1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)

Suggestion: Instead of putting rule Id in associated risk field put the Risk Id as 'F029*' not the complete Rule ID.

2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209

- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.

This step seems fine, in the Risk ID field just copy the Rule ID.

Hopefully it will resolve your issue.

Regards,

Praveen Kumar