cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Permission Level Risk Analysis is showing as "No Violation" in SAP GRC 10.1 SP5

Former Member

on ‎07-15-2016 12:25 PM

0 Kudos

Hi All,

I am running a Role Level Risk Analysis for a risk contained sample role  in SAP GRC 10.1 SP5 system. Report results successfully for "Action Level" but it is showing "No Violation" at "Permission Level" though it had to show me permission level risks. I have checked the rule-set. And also have checked the Risk-rule-set which is generated, and it seems perfect.

Please help me to resolve this issue. Thanks in Advance!

Regards

Manisha

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (6)

Answers (6)

former_member185447
Active Contributor
‎07-28-2016 1:49 AM
0 Kudos

Hello Manisha,

In addition to the above solutions, please find the following:

  1. 1. Did you happen to check the following discussion?

https://scn.sap.com/thread/3599079

  1. 2. Check if the status at Permission level is set to inactive?

Regards,

Rakesh Ram M

Show replies
Show replies
Former Member
‎07-27-2016 8:33 PM
0 Kudos

Hello Manisha,

Please check SAP Note # 1262329

The reason why you can see risks at Action level but not at Permission level is because the user does not have the required permissions (authorization objects) to fulfill the conditions determined by the Risk.

What you can do to troubleshoot it is:

1. Looking at said Risk through NWBC and selecting the "Permissions" tab. Take note of all authorizations required

2. Cross-check it with the user or role being checked in the Risk Analysis. If the user does not have the minimum authorization values as defined in the Risk definition, it means your Risk Analysis is working perfectly.

Risks may show up in Action level and not in Permission level -- but never the other way around.

Show replies
Show replies
Former Member
‎07-26-2016 7:10 AM
0 Kudos

Hi,

Could you please help me on the issue which I am facing.

Regards

Manisha

Show replies
Show replies
Former Member
‎07-19-2016 2:39 PM
0 Kudos

Hi,

Could you please help me on the issue which I am facing.

Regards

Manisha

Show replies
Show replies
former_member204479
Active Participant
‎07-15-2016 1:15 PM
0 Kudos

Hello Manisha,

Are you running the risk analysis from "Report and Analytics" tab? If so, this is based on the batch risk analysis data.

In that case, can you ensure that the batch risk analysis was executed for permission level also? If it was run only for action level then the case you mention might happen.

Thanks!

Sammukh

Show replies
Show replies
Former Member
‎07-18-2016 6:51 AM
0 Kudos

Hi Sammukh,

Thanks for the reply!

I am trying to perform Ad-hoc Risk Analysis from Access Management tab on NWBC --> Role Level Risk Analysis and I am getting this incorrect result.

Regards

Manisha

Former Member
‎07-15-2016 12:39 PM
0 Kudos

Hi Manisha,

Can you check the Value from and Value to fields for ACTVT in the function permission Tab.

If the value are like 1 and 2 you need to change these to 01 and 02 , the same as your backend system.

Regards,

Manju

Show replies
Show replies
Former Member
‎07-15-2016 12:46 PM
0 Kudos

Hi Manju,

I have checked the rule-set in the GRC system, the field value is correctly set as 01 and 02 in Permission tab, as that of back-end system. Then also i am facing the issue.

Regards

Manisha

Former Member
‎07-15-2016 1:39 PM
0 Kudos

Hi Manisha,

Do you see any error logs in SLG1 or ST22 dumps?

Can you try re-generating the SOD rules and check if the action and permission rules are successfully generated for all the risks.

Then , try running the risk analysis and check if you are able to see the violations at permission level.

Regards,

Manju

Former Member
‎07-18-2016 6:55 AM
0 Kudos

Hi Manju,

Thanks for the reply!

I have successfully generated the rules for the risks at the permission level, but then also I am getting the incorrect results.

Also my SLG logs is clear and in GREEN color and I am not getting any ST22 dump

Regards

Manisha

Ask a Question