
False-Positive SoD conflicts by Org. Level

Former Member
0 Kudos

Hi everyone,

I'm working on CC 5.1 and the tool is stabilized and is working fine. We used this tool to remediate more or less 50% of our SoDs.

My question is:

If risk A is only a risk if the roles assigned to the user have the same Plant or Company code, how could I possibly set up CC to check this?

In other words, if the conflicted transactions are not used in the same Org. Level, it's not a risk anymore.

Many thanks in advance for your assistance.

Cheers

Accepted Solutions (1)


Former Member
0 Kudos

You can configure GRC to check for conflicts per Org.

P.Marcello

Former Member
0 Kudos

To expand a bit on Patrick's response, you can use Organizational Rules to eliminate the false positives that are being reported.

The user guide contains details on all of the steps required to use org rules, but in a nutshell this requires:

- Identification of the risk(s) being incorrectly reported

- Modification of the necessary functions to activate the appropriate org-level fields in the associated permissions

- Rule regeneration

- Use Rule Architect feature to create appropriate org rules

- Run Org User Mapping batch function to collect data on org level/user relationships (needs to be executed on a recurring basis to be kept current)

Once these steps have been performed, user level risk analysis performed from the "Org Level" menu option should only report the desired conflicts.
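The difference between a plain user-level check and an org-level check, as an added example that is not part of the original post and is not Compliance Calibrator code. The user names, function names, risk id and company codes are constructed, and treating `*` as "all org values" is an assumption of this sketch.

```python
from collections import defaultdict

WILDCARD = "*"  # assumption: "*" means the role is valid for every org value
# Hypothetical risk: FUNC_1 and FUNC_2 conflict only within one company code.
RISK = {"id": "RISK_A", "functions": ("FUNC_1", "FUNC_2")}

# Constructed sample data: (user, function granted by a role, company codes of that role)
ASSIGNMENTS = [
    ("ALICE", "FUNC_1", {"1000"}),
    ("ALICE", "FUNC_2", {"2000"}),          # different company code: false positive
    ("BOB",   "FUNC_1", {"1000", "3000"}),
    ("BOB",   "FUNC_2", {"3000"}),          # same company code: real conflict
    ("CAROL", "FUNC_1", {WILDCARD}),
    ("CAROL", "FUNC_2", {"2000"}),          # wildcard overlaps every value
    ("DAVE",  "FUNC_1", {"1000"}),          # holds only one side of the risk
]

def org_values_by_function(assignments):
    """Collect, per user and function, the union of org values across roles."""
    held = defaultdict(lambda: defaultdict(set))
    for user, function, org_values in assignments:
        held[user][function] |= set(org_values)
    return held

def overlap(a, b):
    """Org values common to both sides; the wildcard stands for all values."""
    if WILDCARD in a:
        return set(b)
    if WILDCARD in b:
        return set(a)
    return a & b

def user_level_conflicts(assignments, risk):
    """Plain analysis: flag anyone holding both functions, ignoring org level."""
    held = org_values_by_function(assignments)
    f1, f2 = risk["functions"]
    return sorted(u for u, funcs in held.items() if f1 in funcs and f2 in funcs)

def org_level_conflicts(assignments, risk):
    """Org-aware analysis: flag a user only where both functions share an org value."""
    held = org_values_by_function(assignments)
    f1, f2 = risk["functions"]
    result = {}
    for user, funcs in held.items():
        common = overlap(funcs.get(f1, set()), funcs.get(f2, set()))
        if common:
            result[user] = sorted(common)
    return result
```

Comparing the two results shows which user-level findings disappear once the org level is taken into account, and in which company code the remaining conflicts sit.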

Answers (2)


Former Member
0 Kudos

Hi Everyone,

Many thanks for your input and support on my issue. I have tried a few steps and it's working fine, the only problem we have is the process flow, because in order to eliminate the false-positive you cannot run it via the "normal" risk analysis tool called "User Analysis".

That means, I will have to request from our support teams to run a risk analysis report for our users twice, a normal User risk analysis and the Org Risk analysis to have a complete vision of what is really a risk and what's not.

Anyway, thanks for your help.

Cheers

Former Member
0 Kudos

There is a very good 14-page Quick Reference Guide available that explains how to use Org Rules in GRC 5.2.