on 06-28-2008 12:26 PM
Hi Experts
I am running risk analysis in CC 5.2 for a display role , it puts out quite a few risks and when I checked the report in a detial format , I could discover that it checking the transaction start for each conflicting tranasaction .
As matter of fact the conflicitng transaction here are enabled in CC but all the underliying objects are disabled ,but its checking the S_tcode by default , how can I make this role risk free ?
Thanks in advance
Prem-
CC is working as designed. It is picking up S_TCODE as a conflict because, as you said, it is enabled. If you disable it, it will not pick up the conflict...
Ankur
GRC Consultant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ankur,
I totally agree with you CC just works as we tune it , but I dont even have S_tcode enabled for them transactions
and S_tcode is not even check máintianed in Su24 fo these transactions ,
S_tcode doesnt appear under the transaction in CC how can I disable it .should I be adding the S_tcode and disable it , it as good as not adding it .
Thanks & Regards
Prem-
I just tested your scenario, and I am getting the same result for one of our Display roles. It was never caught before because, that role is not assigned to anyone. I know that you are not supposed to have s_tcode maintained in the su24 table.
I cannot explain why or how this is happening. I suggest opening an OSS note, if nobody else has an explanation for this...
Ankur
GRC Consultant
Hi Ankur,
I have played around a little bit and discoverd one thing , any transaction with no objects enabled underneath in CC will put out a risk for sure.
I have enabled atleast one object *( ofcourse which the one whihc is relevent ) then the risk is gone .
what I am trying to tell here is when the objects are disabled under the transaction , it is by deafult checking S_tcode and putting out a risk .if atleast one of the object is enabled then it wont put out S_tcode no more .
Try this Ankur it worked for me
Regards
Prem-
In the Configuration tab, your default level for Risk Analysis is probably set on Action Level. Change that to Permisssion Level, and you should be ok...
Ankur
GRC Consultant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.