cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

New GRC 5.3 RAR Ruleset for a New R/3 System

former_member325725
Participant

on ‎07-09-2012 6:38 PM

0 Kudos

Hi All,

We currently has GRC 5.3 SP14 RAR implemented for ECC. There is a requirement now to do the RAR analysis for a new R/3 system but with the Rules maintained under a new Ruleset. We will be copying the existing custom ruleset maintained for the ECC systems and then updating the new one for any appropriate changes.

When an export of the Rules is performed, we notice the Ruleset is tied to the Risks and we wanted to know how best we could bring in the new rule set for the new system without updating/changing the existing the Ruleset. We want the 2 rulesets to work entirely independent in terms of the maintenance and support.

I exported the existing Rule for the new system  and if I import the existing rule with the "Replace rule by system" option, it updates the existing Rule Set - Functions,  to have the Rules for the new system.

If we need to isolate these 2 rule sets, does it mean we manually define new Risk Ids for the new system and then relate them to the new Ruleset?

Any suggestions or recommendations in this reagrd are greatly appreciated.

Thanks,

Anil

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

kevin_tucholke1
Contributor
‎07-09-2012 7:38 PM
0 Kudos

Anil:

To have an ENTIRELY separate rule set, yes the components must also be separate and different.

If you will be using the same settings for the funcitons of the new risks, then you can utilize the current functions, but if you are planning on changing the functions to where function GL01 in Ruleset A has different Actions/Permissions  than function GL01 in Ruleset B, then you need to have separate functions as well as risks.

Thanks,
Kevin Tucholke

Show replies
Show replies
former_member325725
Participant
‎07-09-2012 7:59 PM
0 Kudos

Hi Kevin,
Thanks for the response.

To start with we need to clone the existing Ruleset A to Ruleset B and then start making changes to Ruleset B. Can you elaborate on separating the components you referred in your response?

What's the best way we could do this? Does the GRC 5.3 tool has some features to do this systematically or will it all need to be defined manually ? Further, I didn't see any  way to link the risks to the Ruleset than the relationship I've found in the rules import file similar to the entries seen in Risk Rule Set Relationship template file.

Regards, Anil

Ask a Question