cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC 5.3 SP12 - risk analysis with organizational rules

Go to solution
former_member577095
Participant

on ‎05-08-2014 11:54 AM

0 Kudos

Hi all,

We have a risk with 2 functions.

The first function search for VF01 and other V_VBRK_VKO with ACTVT01 enabled.

The second function search for VA01 and V_VBAK_VKO with ACTVT=01 enabled and SPART field enabled.

Then we have defined an organizational rule having SPART=BB.

It seems that the risk analysis results is wrong on function 2 (VA01).


We have a user with 2 roles assigned:

- the first role gives an authorization to V_VBAK_VKO object with ACTVT=01 and SPART=AA

- the second role gives an authorization to V_VBAK_VKO object with ACTVT=03 and SPART=BB

The risk analysis results reports that the user has a violation because he his authorized to function 2.

This is wrong because the user has only a display authorization on SPART=BB.

Any suggestion?

Thanks.

Andrea

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alessandr0
Active Contributor
‎05-08-2014 1:45 PM
0 Kudos

Hi Andrea,

just a basic question: did you generate the SOD Rules after adding the organizational rule? It's required to regenerate the rules after org rule has been defined.

Regards,

Alessandro

Show replies
Show replies
former_member577095
Participant
‎05-08-2014 2:16 PM
0 Kudos

Hi Alessandro,

We have regenerated the SOD Rules only for the single risk (not for all).

Thanks for your support.

Andrea

Answers (0)

Ask a Question