on 07-16-2014 10:01 AM
Hi,
I know that Authorization object sync and Repository Object sync means Synchronizing the authorization data and synchronizing Roles, profiles and users from backend system respectively.
But what is meant by Synchronization? What the system will do exactly when we run these jobs. Will it stores the data fetched, into GRC tables? If yes, then in which tables it is storing data like authorization data, roles, profiles and users of backend system?
What is the difference between offline and online risk analysis? I.e. in what what way it analyses risks?
Kindly help.
Regards,
Kaavya.
Kaavya,
see the documentation from SAP.
The activity updates the following data for the relevant synchronization acitivities:
Profile Synch
Role Synch
User Synch
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
regarding offline vs online analysis:
Offline analysis is not real-time data but is dependent on the date of the last Batch Risk Analysis. The Batch Risk Analysis is run using the Schedule Analysis feature found under the Configuration tab > Background job. This is the same batch risk analysis that is run to update the management reports and companies should be running this on a frequent basis to ensure their management reports are accurate. Running the Offline analysis is the same as drilling down via the Management View.
The benefits to using offline analysis is mostly in response time. By using offline analysis, Compliance Calibrator/Risk Analysis and Remediation does not have to make as many calls into the connected systems so the analysis will return much faster than using on-line analysis. However, please keep in mind that offline analysis is not real-time and will not take into account any changes made since the last Batch Risk Analysis.
Also, it's important to understand that even when you run offline analysis, it will have to make a call to the back-end system to obtain composite role names. Therefore, if the back-end system is down, offline analysis will not work.
Using offline analysis, you can obtain both summary and detail reports. The one exception is that if you run Report types Critical Action or Critical Permission, you will not be able to see the detail report, only the summary report. Please note that this is only for Critical Action and Critical Rermission. Report types of Permission level and Action level can go down to the detail level in offline mode.
Please keep in mind that how you have the Batch Risk Analysis set up for defaults will impact the data you have to run offline analysis on. For example, in Configuration under Risk Analysis > Default Values, you have the option "Exclude Locked Users". If this is set to YES, when running the batch risk analysis, it will not evaluate locked users which means the tables holding the conflicts will not include any data for locked users.
When you run Risk Analysis, you have the option to change Ignored Users field to something other than what is set up in the Configuration. However, if you change this to NOT ignore locked users and run in offline mode, you will not receive any conflicts because no locked users were evaluated during the batch risk analysis. Running this report in online mode may turn up conflicts with locked users.
Hope this helps.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.