cancel
Showing results for 
Search instead for 
Did you mean: 

Risk Analysis Results differ for different Rulesets

Former Member
0 Kudos

Hi,

We have two rulesets. One is standard Ruleset and other is Custom Ruleset with standard rules + Custom t-codes added.

So in development i have created a test user and added standard t-codes. but when running user risk analysis i am getting different results.

When the standard and custom rule sets should be the same. For Custom Ruleset only few 1 risk id is being flagged. while for the same user for standard ruleset 'global' 4 risk id's are flagged

I still don't understand why the results are different. Can anyone please help me out. is this a bug?

I have run user risk analysis based on criteria

system selection

user selection

risk level: high

ruleset: i have removed, so that i can see the results for both the rulesets at a time.

- Repository has been done

- I checked my rule summary in nbwc and can see the rules

-  i have checked gracactrule table and can see the rules activated

I am on GRC 10.1 SP 09

please see the results below:

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Thaanks Rakesh, issue is resolved. custom ruleset, values were wrongly uploaded because of the excel. It took number format for values like 01.

Answers (3)

Answers (3)

0 Kudos

Hi,

Please check rule ids for the same risk in both rule set, Standard and custom.

Could you please ensure that Rules are generated for Custom as well as Standard ruleset.

For checking, please compare using one Risk ID only and then compare the Rule ID's generated for both ruleset. Please ensure that both Rule ID's are same.

Also as mentioned by you in Custom ruleset you have custom Transaction codes added then there must be additional Rule ID's and Risk id's in Custom ruleset.

Regards,

Rakesh Kirve

Former Member
0 Kudos

Sorry, i forgot to tell you. Custom Ruleset is made of underlying Standard Rules.

What i had observed in my analysis by comparison for both ruleset is that, Risk Analysis at Action level is working fine but Permission level and Critical Action for Custom Ruleset is not working for Custom ruleset.

In Rule library in NWBC, i can see the generated rules for custom.

I have activated only few business process rules not all and we have created custom rule set so that customer can use custom t-codes in their rule set and don't mess up standard ruleset

0 Kudos

Hi Venkat,

If you want to get same result from standard and custom rule set, both rule sets should have same rule ids then only it will give correct result.

Rule ids will get generate depend on Action and permission you defined in Functions for risk.

For critical action report you have to define Risk Type as Critical Action while creating the RISK.

so that system will identify that RISK for Critical Action.

Regards,

Rakesh Kirve

Former Member
0 Kudos

Hi Rakesh,

As i told you. My Custom Ruleset is same as standard Ruleset with only function & risk ID's change.

Even for Critical Action i have uploaded Critical Actions Risk available by default in Standard Ruleset.

0 Kudos

Hi Venkat,

Please Correct me if i am wrong you are having below two rule sets

1. Standard rule set

2. Custom rule set (exact copy of Standard rule set in addition to that few custom tcodes have been added)

when you run risk analysis number of risk you are getting for standard rule set should get match with custom rule set also

(except for custom t codes which you have inserted additionally in custom rule set)

but results you are getting in risk analysis for permission level are

1. standard rule set shows more risk for the same user

2. Custom rule set shows less risk for the same user

possibility of getting different results are permission(Authorization Object) define in functions does not seems to be same.

For checking, please compare using one Risk ID only(which u get additional in standard but not for custom) and then compare the Rule ID's generated.

In both rule set data present in the rule ids should be the same for both Standard and Custom rule set.

Regards,

Rakesh Kirve

0 Kudos

Hi,

Also you can copy any one of the risk which you are getting in Standard rule set and rename it with new risk Z* also change the rule set from standard to Custom and the generate rules.

Then check risk analysis report must show that Z* risk for custom rule set.

Regards,

Rakesh Kirve

former_member192902
Participant
0 Kudos

Hi Venkata Rao,

Have you generated Custom rule set post modifying with custom T-code?

Generate from SPRO and try again and also compare the T-code functions of both the rulesets.

With Regards

Trinadh Bokka

plaban_sahoo6
Contributor
0 Kudos

HI,

Could you try running by choosing the Rulesets, instead of leaving it blank, and then let us know the results

regards

plaban

Former Member
0 Kudos

Hi Plaban,

I tried it but no luck. still the same result. i removed the filter for ruleset only for the screenshot, so that rules can be captured and see the difference.