cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Mitigation Button is not visible in Risk ViolationsTab

former_member756234
Explorer

on ‎03-11-2015 9:53 AM

0 Kudos

Hello Experts,

One of the end user is not able to see Mitigate Risk buttong on Risk Violations Tab. User is following steps in Access Request.

1. Going to work Inbox

2. Opening Access Request, change role/account,

3. Running Risk Analysis

3. Selecting all risks

Here normally next step should be to click on Mitigate Risk button, which is not visible to this user.

I did check application logs but did not find anything.

Could you please share your views and resolution?

Thank you in advance.

Regards

Kedar G.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎03-11-2015 10:37 AM
0 Kudos

Hi Kedar,

   Firstly, why would an end user need access to mitigate the risks. This should be the Job of a Monitor.

And if you were referring to Monitor only, then this could be due to missing Authorizations. I remember facing similar issue and it was the problem of authorizations. Make sure the one who is trying to assign Mitigation ID has enough access.

Usually the Monitors are assigned with SAP_GRAC_CONTROL_MONITOR role which gives the access to assign Mitigation ID.

Hope this helps, Let us know for any queries.

Regards,

Fazil

Show replies
Show replies
Former Member
‎03-11-2015 10:54 AM
0 Kudos

GRAC_MITC is the object which gives access to this. This is present in SAP_GRAC_CONTROL_MONITOR Role.

Regards,

Fazil

madhusap
Active Contributor
‎03-11-2015 11:03 AM
0 Kudos

Hi Fazil,

As per my knowledge GRAC_MITC object is more to control the authorization to Create/Assign/Delete Mitigation controls but this is not related to Mitigate Risk button visibility in access request screen.

Are you sure this controls Mitigate Risk button visibility as well? I don't have system to check So wanted to confirm..

Regards,

Madhu.

Former Member
‎03-11-2015 11:35 AM
0 Kudos

Hi Madhu,

    Yes the Object can even be used to create the Mitigation Control, but under Activity, we do have option to maintain for assigning the Mitigation Control only(ACTVT = 78). So I was just wondering if this access is given, then the user might be able to mitigate risks by assigning the mitigation Control

Correct me if I am wrong

@Kedar : Try this and let us know if this works.

Regards,

Fazil

former_member756234
Explorer
‎03-11-2015 11:41 AM
0 Kudos

Hello,

I have checked user, who is not an end user but administrator is assigned with role SAP_GRAC_CONTROL_MONITOR already, also auth object GRAC_MITC is having following values.

Activity                       02, 03, 78

SOD Control ID                 *

HR Object ID                   *

Administrator is not able to see Mitigate Risk button at all.

Please find attached screen.

Kindly check and assist.

Thank you.

Regards

Kedar

madhusap
Active Contributor
‎03-11-2015 12:51 PM
0 Kudos

Hi Fazil,

GRAC_MITC is used to control authorization when u click on Mitigate Risk button but here user has issue with visibility of that button

Regards,

Madhu.

madhusap
Active Contributor
‎03-11-2015 1:07 PM
0 Kudos

Hi Kedar,

Is this happening with all GRC requests or any specific requests?

Basically Mitigate Risk button is not even customizable through personalization settings in Webdynpro.

Regards,

Madhu.

Former Member
‎03-11-2015 5:37 PM
0 Kudos

Hi Kedar,

    Do you face this problem in Dev box also? If yes, then you can do a simple and quick test just to find out if its access issue or not. Try giving the Admin ID SAP_ALL and SAP_NEW and try mitigating. If it works after this, then this is an access issue. We can think about the access correction. This could be a silly test but you never know

If it still doesn't work, then probably SAP needs to provide you some correction

Let us know the result if possible.

Regards,

Fazil

former_member185447
Active Contributor
‎03-12-2015 9:59 AM
0 Kudos

Hello Kedar,

Did you find the solution or still facing the issue?

Regards,

Deepak M

former_member756234
Explorer
‎03-13-2015 11:57 AM
0 Kudos

Hello

I did create access request using SAP_ALL and SAP_NEW and ran the risk analysis where I am able to see Mitigate Risk Tab.

Seems to be an authorization issue.

Kindly share your thoughts.

Thank you in advance.

Regards

Kedar

madhusap
Active Contributor
‎03-13-2015 1:25 PM
0 Kudos

Hi Kedar,

This cannot be authorization issue as GRAC* objects are not part of SAP_ALL or SAP_NEW profile. They will be in role SAP_GRAC_ALL and more over for "Mitigate Risk" button visibility there is no authorization object.

Check during request submission in "Risk Violations" tab is there "Mitigate Risk" button?

Check from Approver's Work Inbox for any request if in "Risk Violations" tab is there "Mitigate Risk" button? Is it happening with particular request or all requests?

Regards,

Madhu.

Former Member
‎03-13-2015 2:31 PM
0 Kudos

HI Kedar,

     Did you try ST01 Trace? Now that you are able to see Mitigate Risk button(with extra access), Check what objects is it looking for when you click Mitigate Risk Button. Let us know the results Please.

Regards,

Fazil

Former Member
‎03-18-2015 1:00 PM
0 Kudos

Hi Fazil,

Could you please paste the audit log once. May be delegated to some one or may be cancelled by someone.

Thank you

Ranjan

former_member756234
Explorer
‎03-25-2015 6:25 AM
0 Kudos

Hello,

I had checked with GRC system administrator who is also not able to see Mitigate Risk tab on Risk Violation Tab.

But when she open the request by clicking on Administration tab she is able to see Mitigate Risk Tab in Risk Violation Tab.

I had authorization trace for above activity and had captured following authorization objects with values. Kindly check.

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_ALERTS;ACTVT=03;

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_ALL;ACTVT=03;

S_USER_AGR RC=0  ACT_GROUP=SAP_GRAC_BASE;ACTVT=03;

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_CONTROL_APPROVER;ACTVT=03

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_CONTROL_MONITOR;ACTVT=03

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_CONTROL_OWNER;ACTVT=03;

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_END_USER;ACTVT=03;

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_FUNCTION_APPROVER;ACTVT=03;

S_USER_AGR RC=0
ACT_GROUP=SAP_GRAC_RISK_ANALYSIS;ACTVT=03;

S_DEVELOP  RC=0
DEVCLASS= ;OBJTYPE=WDCC;OBJNAME=GRAC_FPM_CC_LPD_ACCESS_MGMT 00;P_GROUP=
;ACTVT=03

GRAC_RA  
RC=0  ACTVT=16;GRAC_OTYPE=1

GRAC_RA  
RC=0  ACTVT=16;GRAC_OTYPE=2

GRAC_RA  
RC=0  ACTVT=16;GRAC_OTYPE=3

GRAC_RA  
RC=0  ACTVT=16;GRAC_OTYPE=4

GRAC_REQ   RC=0
ACTVT=02

GRAC_REQ   RC=0
ACTVT=70

GRAC_ROLED RC=0
GRAC_ACTRD=03

GRAC_ROLED RC=0
GRAC_ACTRD=V5

GRAC_ROLED RC=0
GRAC_ACTRD=V7

GRAC_ROLED RC=0
GRAC_ACTRD=V7

GRAC_RLMM  RC=0
ACTVT=38;GRAC_RLMMT=02

GRAC_RLMM  RC=0
ACTVT=38;GRAC_RLMMT=02

GRAC_RLMM  RC=0
ACTVT=38;GRAC_RLMMT=03

GRAC_RLMM  RC=0
ACTVT=38;GRAC_RLMMT=06

GRAC_BGJOB

GRAC_MITC  RC=0
ACTVT=78

GRAC_REQ   RC=0
ACTVT=01

GRAC_HROBJ RC=0  ACTVT=01

GRAC_REQ   RC=0
ACTVT=03

GRAC_REP   RC=0
ACTVT=16;GRAC_REPID=GRAC_ERM_ACTION_USG

GRAC_ROLED RC=0
GRAC_ACTRD=V1

GRAC_REP   RC=0
ACTVT=16;GRAC_REPID=GRAC_ERM_USR_RL_LINK

Thank you.

madhusap
Active Contributor
‎03-11-2015 10:24 AM
0 Kudos

Hi Kedar,

Is the "Mitigate Risk" button completely invisible or read only?

Please share screenshot

Regards,

Madhu.

Show replies
Show replies
Ask a Question