cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Dear all I only get result for one rule id and not with others what should be an issue?

Go to solution
former_member399658
Participant

on ‎08-12-2014 2:26 PM

0 Kudos

 

Dear All,

In GRC 10.1 the Risk Report only shows the Rule ID 0001 for a risk, although there should be more actions that lead to the same risk.

I am just getting simillar result.

 

The new system only shows results for Rule ID 0001, not for the other ones.

Regards,

Abhisshek

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alessandr0
Active Contributor
‎08-12-2014 3:20 PM
0 Kudos

Dear Abhisshek,

can you regenerate the SOD rules (SPRO > GRC > AC > SoD Rules > Generate SoD Rules).

If the rule set is correctly defined and the rules are generated properly the risks will show up. Also make sure that all the sync jobs run properly (repository object, authorization sync).

Hope this helps.

Regards,

Alessandro

Show replies
Show replies
former_member399658
Participant
‎08-18-2014 11:22 AM
0 Kudos

Dear Alessandro,

Everything done including generating SOD rule also Sync jobs.

Still the same issue.

Regards,

Abhisshek

alessandr0
Active Contributor
‎08-18-2014 11:31 AM
0 Kudos

Dear Abhisshek,

can you check the access rule details if everything is defined properly? Rule Setup > Generated Rules > Access Rule Details.


With that report you can check if the definition is maintained correctly. If so then you have to check the analysis (e.g. via simulation).


Regards,

Alessandro

former_member399658
Participant
‎08-25-2014 1:30 PM
0 Kudos

Dear Alessandro,

I am trying to see rule details but I cannot see in foreground jobs. and when I am scheduling background jobs the job is getting cancelled.

Mean time I uploaded all the existing rule details again and also generated SOd rules.

I am still getting so many risk and differant rule ID details when I run the risk analysis.

Regards,

Abhisshek

Former Member
‎08-25-2014 3:11 PM
0 Kudos

Hi Abhishek,

If you are selecting all risk IDs then better run the job in background mode to overcome the system time out phase.

Once you added the new system/connector, I assue you would've put that into the respective connector group so did you regenerate the rule sets after this activity?

Regards,

Ameet

Former Member
‎08-25-2014 8:14 PM
0 Kudos

To test the results, run the Risk Analysis for one user/system at one time, in Foreground and see the results. Now compare these results with what Alexander mentioned above to see if the rules have been generated correctly.

Anything further if urgent and stuck, you should get advise from SAP via Incident.

former_member399658
Participant
‎08-26-2014 1:33 PM
0 Kudos

Dear Manik, Alessandro,

Quit strange!  I did risk analysis now for one user the rule ID for the Access risk ID A001  = Rule ID 0007 came completely differant than in Access rule details.

In Access rule dtails The function is BS05 for Access risk ID 0007

Please check the attached screenshot need your help really...

Regards,

Abhisshek

Former Member
‎09-17-2014 4:37 PM
0 Kudos

Hi Abhishek, the rule id can be same within various Risk IDs - A001 and also B003 as in this case.
The risk analysis result as seen in the first screenshot would show the risks based on the actions assigned to the user and which Risk ID and which Rule ID further contain these actions.

So, rule id 0007 exists irrespective of the Risk IDs. It can co-exist in multiple Risk IDs and this would vary from the combination of rules generated.

Just that, the actions contained within different Functions should be different, i.e. 2 different functions should not contain same actions, but the Action Rules generated from these functions can have the same Rule ID.


Overall, you should validate the results of risk analysis based on the transactions contained with a user and the actions maintained within the functions (contained within Risks) OR the violating Risk ID which can further on drill down show the actions contained within functions.

Also, to explain the logic of Rule ID: 0001 would be generated for a combination of Tcode 1 & Tcode 2 coming from different functions assigned in the Risk.

Rule ID 0007 would ideally be generated based on 7th such combination of Tcode 1 with Tcode 7 for example.


Hope this is useful.

Answers (0)

Ask a Question