cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC10 - User Risk Report for End Users

former_member208271
Participant

on ‎02-26-2013 7:12 AM

0 Kudos

Hi All

I need some advise regarding User Risk Reports (SoD) on GRC 10. We have implemented AC.

Currently the Reports available on GRC (Access Management -> Access Risk Analysis -> User Level) OR (Reports and Analytics -> Access Risk Analysis Reports -> User Risk Violation Report). These Reports give you all Objects and all the information.

Our End users want to Run their own reports and they do not understand all the details, which are Objects, Resource, Rule ID, Field Values etc.

They just require the User Details and the Roles.

Is there any way that we can get a report which only gives User Details and the Role Name that is causing the Conflicts (Risk)?

Your help will be appreciated.

Regards

Mustafa

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (5)

Answers (5)

Former Member
‎03-27-2013 7:24 AM
0 Kudos

Hi Mustafa,

yes surely you can have the report with the column names - showing User, Risk, Role, Action.

Navigate to the path:

Access Management -> Access Risk Analysis -> User Level

And after the reults are populated select format as "Detail".

Thanks and Regards

Ankit sharma

Show replies
Show replies
former_member208271
Participant
‎03-26-2013 1:06 PM
0 Kudos

Hi

Can anyone tell me the tables that are used or updated after the Risk Report is Run.

Then we can look as creating a Query.

Regards

Mustafa

Show replies
Show replies
Former Member
‎03-26-2013 2:22 PM
0 Kudos

Dear Mustafa,

Please refer to the following note 1580877.The note contains all the

information that you need.

Thanks

Japneet

Former Member
‎02-28-2013 4:53 AM
0 Kudos

Hi Mustafa,

Run the risk analysis report by selecting the report type as "Executive Summary"  and it will display the

result in the desired format. 

Thanks

Japneet Singh

Show replies
Show replies
Former Member
‎03-01-2013 11:49 AM
0 Kudos

As suggested in my earlier reply.

former_member208271
Participant
‎03-04-2013 6:13 AM
0 Kudos

Hi

Thanks for the response.

However the Executive Summary report does not give the user details and the Roles that cause the Risk.

The Access to the report is for key stakeholders that will assist in driving the risks.

They need to know the Roles that cause the Risks so from there they can make a decision on which Role to remove to clean up the Risks.

So an ideal Report would be to have all the User Details (User ID, User name, User Group) and the Action (or S_TCode) and the Roles.

With all the Objects on the Report the Users will not understand the report.

Any suggestions are welcome.

Regards

Mustafa

Former Member
‎03-04-2013 9:54 AM
0 Kudos

Hi Mustafa,

My advise is to also try the OTHER risk report types....i.e. the Detailed and Summary ones  ( I am sure I did suggest that earlier in the thread). I know the Summary one does indeed show the roles where the tcodes are originating from. I also suggest you play with the filters within the reports and see if the columns you want/need are in the report (see screenshot).

I also suggest you try running the reports in both Technical and Business view....so you get an idea of which one is more useful report to present back to the end users. You really do need to play around with the various report formats available to consider what is useful and what is not helpful data from the tool. Everyone's requirements are different so there is no universal answer as to how to have the ultimate report format.

Finally, I also suggest that you may wish to think slightly outside the box. If you really require the Full user name and User group details of the users, and somehow the default reports within the tool (including modifying the columns and filters) do not meet your expectations, may I suggest that you export the report into an Excel spreadsheet and with the use of certain "lookup's" add the additional data columns into the report and present that to the Business users.

Unfortunately sometimes you have to put in the extra effort to make the reports more presentable to your fellow colleagues in the non-security world.

Hope that helps and answers your question/s. Good luck

former_member208271
Participant
‎03-04-2013 10:47 AM
0 Kudos

Hi Harinam

Thanks for that.

Currently the way this is happening is as follows. I am downloading the Detailed Report on a Quarterly basis and then customizing it with vlookup etc.

We have User that want to Run the Report on an adhoc basis and see what Risks are still there.

So from my original request I need a report that the users can Run and only get the information they require.

I may need to look into BW as suggested by Gretchen.

Although I would like a report directly on GRC for the users to Run.

Regards

Mustafa

Former Member
‎02-26-2013 5:02 PM
0 Kudos

Sorry for the obvious, but have you considered trying the other types of reports? i.e. Management/Summary/Exec reports?

I also presume that what you mean by "End Users" are in fact business users who have little knowledge of what the technical risk actually means, but are the key stakeholders in driving the risks away/down in the business.

All the best.

Show replies
Show replies
Former Member
‎02-26-2013 3:00 PM
0 Kudos

Mustafa,

I do not have an answer for you; I suspect that you may end up doing some custom reporting via BW. But I was so astonished at the thought of end users wanting to run their own risk analysis reports that I had to "like" this discussion. It does sound like a reasonable use case. Good luck!

Gretchen

Show replies
Show replies
Ask a Question