on 08-20-2015 7:48 AM
Hi,
We have found Critical Action Level risk in Dev system while running RA ,but in production we have not seen any risks for the same role.We have checked function ID & Risk ID in both environments and no differences found.
Please help me.
Hi All,
Thank you so much your help
I have generated rule set and now issue is resolved.
Regards
Simmu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Simmu,
Your ruleset is not generated. You can setup a daily periodic background job for program 'GRAC_GENERATE_RULES' in your GRC system. This will insure that any time you make any change to ruleset your rule get generated.
(1) You can generate rule set from NWBC. NWBC method is posted by Alessandro Banzer above.
(2) In backend transaction SPRO.
SPRO->Governace Risk and Compliance-> Access Control ->Access Risk Analysis -> SoD Rules -> Generate SoD Rules.
Let me know if works
Arvind
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Let me know if i have understood correctly.
In dev system you have run risk analysis critical level for Role A : you found risk
in PRD critical Action Level risk for Role A : no risk found.
the above information is not valid in you last msg, the rule set you have pasted in SOD rule set from PRD system.
look for Action rule in Both the system.
ensure in PRD its generated.
Regards,
Prasant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Simmu,
can you please also compare the access rule details as those are considered in risk analysis. Whenever you change risks or functions you need to generate the rules. Therefore please also check if the rules are similar.
You can do so in NWBC > Rule setup > Generated Rules > Access Control Rules.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Alessandro,
I have downloaded relevant risk id rule set from below path
NWBC > Generated Rules > Access Rule details
Please find below differences and and let me know the relevant action which needs to be taken.
In Dev:
System | Rule Set | Access Risk ID | Functions | Action | Access Rule ID | Permission Object | Field | Status | Value From | Value To | Owner | Condition |
Dev | Global | GL08 | G006 | OB08 | 000O | S_TCODE | TCD | Active | OB08 | AND | ||
Dev | Global | GL08 | G006 | OB08 | 000O | S_TCODE | TCD | Active | OB08 | AND |
In PRD:
System | Rule Set | Access Risk ID | Functions | Action | Access Rule ID | Permission Object | Field | Status | Value From | Value To | Owner | Condition |
Prd | Global | GL08 | G006 | OB08 | 000C | S_TCODE | TCD | Active | OB08 | AND | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | ACTVT | Active | 1 | OR | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | ACTVT | Active | 2 | OR | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | DICBERCLS | Active | FC32 | AND | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | ACTVT | Active | 1 | OR | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | ACTVT | Active | 2 | OR | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TABU_DIS | DICBERCLS | Active | SCUS | AND | ||
Prd | Global | GL08 | G006 | OB08 | 000C | S_TCODE | TCD | Active | OB08 | AND |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.