OSS #1045144 - migration of Virsa CC 4.0 to 5.2
According to the note - migration is not recommended.
Note says ...
Upgrade / Migration of CC 4.0 to CC 5.2 should be done under the supervision of SAP GRC Consultants, because of the following reason 1.Utility and VIS reports available in 4.0 are not available in CC 5.2 2. Conversion of more than one ABAP System rules and controls is not possible via the conversion utility provided for CC 5.2. The Security Concept of R/3 is more granular than the Netweaver Security model on which CC 5.2 is based. For example, CC 4.0 can be secured to restrict who can maintain specific risks and controls as well as reporting by user groups. 3.CC 5.2 security is not as granular and users who have access to maintain risks can maintain all risks, users who can run reports can report on all User Groups, and users who can maintain controls can create and maintain controls for al
Anyone have experience with migration ?
No, it's not true. Once you've completed the installation/upgrade, created your connectors, etc., you go into the backend and create files for the text objects, auth objects, and your existing rules, mitigation, etc.
See Pages 23-31 of the SAP GRC Access Controls 5.2 Product Migration document.
Make sure you see SAP Note 1086611 Truncating Characters When Downloading CC4.0 Rules; and SAP Note 1039039 CC 4.0 to CC 5.2 Migration Error, and do these patches before you try to migrate your existing data.
We're making slow but steady progress. We've been told that we're one of the first few to actually migrate our rules rather than using the ruleset delivered with CC 5.2, so we kind of just pioneer our way along and learn from mistakes. We are presently working with SAP developers on a couple of other issues and possible bugs related to migrating our rules.
Let me know if I can provide any other information to you. My email is firstname.lastname@example.org.