- SAP Community
- Products and Technology
- Additional Q&A
- GRC Access Risk Report for Business - User Level
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
GRC Access Risk Report for Business - User Level
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 08-07-2015 7:43 AM
Hi Experts
We are currently on GRC 10 SP10. Our business users are looking for a Access Risk Report to run on ABAP.
The report should contain the Users details, Roles, Tcodes with Risk and Function ID.
Currently there is the User Level Risk Report, however this contains a lot of Technical information which the business does not understand.
In User Level Report the Management Summary or Executive Summary format does not help.
Is there anyone that has developed a report on ABAP similar to this?
Does anyone know which tables to use to get information generated by the User Level Report?
We are looking at upgrading to GRC 10.1 in the future. Would it be preferable to develop something at that stage or is there such a report on GRC 10.1?
Hope to get some positive responses from you experts
Regards
Mustafa
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
HI Mustafa,
I have done similar things with queries (SQVI) and gather the data from the following tables. Please be aware that the data stored in the tables are offline data. Real-time analysis fetches the data at runtime and hence they are not stored in a table.
To read offline risk analysis date please use the following tables (always consider action level and permission level for user/role/profile analysis):
For user level:
GRACUSERACTVL
GRACUSERPRMVL
For role level:
GRACROLEACTVL
GRACROLEPRMVL
For profile level:
GRACPROFILEACTVL
GRACPROFILEPRMVL
If you have further question please do let us know.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Alessandro
Thanks for the information regarding the tables. It was helpful.
We will be using table GRACUSERPRMVL and running queries however the issue is field ROLEID.
1) When trying to retrieve the Role name using table GRACROLE and entering the ROLEID from table GRACUSERPRMVL it does not match.
Is there any other way of getting the Role name? I would believe that the ROLEID should be the same.
2) Question from Alfredo, how do these tables update? What needs to be Run?
3) Is there a table that stores the users UserGroup?
Regards
Mustafa
Answers (0)
- 5 Easy apps that can be created right away using Joule AI Assistant in Technology Blogs by SAP
- Use CRUD Opreations with SAP Datasphere Command-Line-Interface in Technology Blogs by SAP
- Supporting Multiple API Gateways with SAP API Management – using Azure API Management as example in Technology Blogs by SAP
- Enhanced RISE with SAP Methodology with clean core quality checks in Enterprise Resource Planning Blogs by SAP
- Jumpstart your cloud ERP journey with guided enablement in RISE with SAP Methodology in Enterprise Resource Planning Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.