on 07-13-2012 11:38 AM
Hi all,
I'm having the following issue with SAP GRC AC 5.3 RAR (SP 18): I’m able to create mitigating controls, but they do not apply in my risk analysis => the mitigated risks still show up.
I think I have configured everything right. I have been searching the web & found a lot of posts with similar issues, but none of the solutions work for me.
http://users.telenet.be/dunkelburg/SAP/01_01.JPG
http://users.telenet.be/dunkelburg/SAP/01_03.JPG
http://users.telenet.be/dunkelburg/SAP/01_04.JPG
http://users.telenet.be/dunkelburg/SAP/01_05.JPG
D. Whenever I perform a user or role analysis, I still have my P001 conflict showing up – even when I tell the system to exclude mitigated risks
http://users.telenet.be/dunkelburg/SAP/01_06.JPG
http://users.telenet.be/dunkelburg/SAP/01_07.JPG
Any ideas, comments or thoughts would be nice
Best regards,
Tom
Hello all,
I found the solution to the issue.
When adding a role to a risk, I just entered the role in the “Role Name text-field”.
To make the mitigated risk work, I need to use the search functionality of the “Role Name text-field” to go & look for the role and then select it. Only then, it takes the risk into account.
Thanks for your help
Best regards,
Tom
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Lanssens,
First of all you need to Assign the Uesr/ Role to the Mitigation Control if you want to check that in the Risk analysis.
Once that Role is assigned to the Mitigation Control then that Risk ID will be considered as a Mitigated risk ID.
Regards
Shaily
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tom,
Can you please make sure these users or roles exist in the RAR database.
Kindly check for role or user in VIRSA_CC_GENOBJ table for the particular system.
Best Regards,
Smriti
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tom,
Please review the sap note-1290057.
Could you please check the below setting into your system.
Logon to CUP ==> Go To Tab "Configuration" ==> Click on "Risk Analysis"
==> Check the Checkbox "Consider Mitigation Controls".
Checkbox should be checked to consider mitigation.
Best Regards,
Nandita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tom,
Kindly refer to below thread for this same issue:-
http://scn.sap.com/thread/1515852
Best Regards,
Akhil Chopra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.