cancel
Showing results for 
Search instead for 
Did you mean: 

AC 10.0 Missing detail information in user analysis

0 Kudos

Hi all,

I have two questions about the user-analysis.

I go this way: reports and analysis --> access to dashboards --> user analysis --> then open critical actions and roles

If I do this user-analysis I find the users, username and usergroup. But I don't get the other information like rolename, ID of the risk, risk description, profile name and profil description.

1. Can you tell me what could be the reason for the missing details?

2. Can you tell me the tables for the missing information?


Thanks

Thorsten

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi Thorsten,

I don't recall ever seeing the actual details available via the Batch Risk Analysis Management report graph you mentioned above. I checked the additional hidden columns in that area and such other details are not available. The graphs utilise the "Management Report" format i.e. not down to the specific detail.

The best method of getting the detailed analysis is by performing the actual risk analysis against the actual User you wish to analyse. Within the options there, ensure you look at the "Detailed" report, which would give you the detail of the risk and the cause (i.e. which specific tcode and role) against the user ID.

Hope that helps.

0 Kudos

Hi Harinam,

thanks for your answer.

But the way of your description I don't get the right user. I find many other users, which should not have a sod-conflict and should not be there. And the users which should be there, aren't there.

Do you have an idea what could be the reason? Do you have a table for me , where I can check the content? Or what could be the reason?

Regards

Thorsten

Former Member
0 Kudos

From your initial post you are checking the information via the Management report (i.e. the 'lovely' pie charts and bar charts)?

1) Check if your GRC system is reporting locked and expired users as default (hint, check SPRO).

2) Check if your User/Role/Profile syncs are taking place on a regular basis (at least daily)

3) Same goes for checking your Batch Risk Analysis schedule

4) Also check for excluded profiles etc, i.e. are you reporting risks from users who have SAP_ALL/SAP_NEW assigned?

A table would frankly be pointless at the moment. Have you got some certain examples to share? i.e. a risk analysis on a user performed vs their report on the Management Report graphs for the same risk?

0 Kudos

Hi Harinam,

after I changed a parameter I get now the rolenames behind the users.

But could it be, that I won't get the other information like risk-id with this analysis? Or can I get the risk-ID at that point of analysis?

If I don't get the risk-id at this point I would be surprised. Because why would SAP give this columns in this analysis? Do you have an explanation for that?

Thanks Thorsten

Former Member
0 Kudos

You should get the Risk ID and Risk Rule in the Detailed reports. By any chance have you or any of your team modified the default report columns?

0 Kudos

Hi,

can you please tell me what do you mean with "detailed reports"? Only, that I don't missunderstand you? Please tell me the way of this analysis of the detailed reports.

Thanks.