on 11-30-2014 4:20 AM
I am working with on risk remediation assignment things are going well with other areas like FI, PTP, HR & Basis etc but I struck with Plan Maintenance (PM00). Here I need you help and expert opinion to guide me in right direction.
I tried different ways to analyse but no outcome:
1). I ran risk analysis on role level with given list of roles,
2). I ran risk analysis by business processes,
3). I tried batch risk analysis on user level and role level but GRC box is not showing me risk.
BC set “GRAC_RA_RULESET_SAP_R3” is active. Its GRC 10, SP-level: 16
Waiting for you valuable contribution and thanks in advance for your help.
Thanks and Regards.
Dear Nasir,
firstly check if the rules are properly generated. Therefore go to Reports & Analysis and run report "Access Rule Detail Report" for the particular access risk.
Also be aware if the roles don't have any violations the report won't show risks.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nasir,
if the access risk shows only one function then it is a critical action or critical permission risk. SOD risks contain at least two functions as SOD is always a conflict between two conflicting functions.
Did u ran the the SOD rule generation job (GRAC_GENERATE_RULES via SE38)? You can also start from SPRO > GRC > AC > Access Risk Analysis > SOD Rules > Generated SOD Rules.
Also it might help if u can share screenshots.
Best regards,
Alessandro
Check if you are looking at the right report..
Like what Alessandro said, this is a critical action/permission and it will only show up when the report for critical action/permission is selected.
Make sure all the detail visible on the rule detail exists in the user buffer (or role assigned to the user).
Cheers,
NJ
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.