
Does CC alert generation take into account 1/ act or 2/ act+perm ?

Former Member
0 Kudos

Dear Forum,

Can somebody shed some light on how alert generation works? Are only the entries in the action tab of a function relevant?

1. Suppose you have alertlog.txt

$ cat Alertlog.log

SYS-001 JDOE SM30 2008-07-28 09:15:07 ENDUSER

SYS-001 JDOE SU01 2008-07-28 09:45:24 ENDUSER

2. critical action rules

a) SM30 S_TABU_DIS 02 FC31 = open and close FI posting period

b) SU01 S_USER_GRP ACTVT 06 = Delete users

---> Will the "Search Critical Action Alerts" functionality report JDOE or not? That is, will SAP GRC take the permissions into account, yes or no? If not, then we have false positives.

Thanks - Sam

6 REPLIES 6

Former Member
0 Kudos

Which version of CC or RAR are you referring to?

CC 4.0, 5.0, 5.1, 5.2 or

RAR 5.3

Former Member
0 Kudos

CC 5.2

thanks

Former Member
0 Kudos

In AC 5.3 (which I believe is the same as AC 5.2) you have 2 different types of alerts:

Conflicting Actions and Critical Actions

And you can choose the risk ids for both but there is no setting that suggests that they are using the permission level values for these risks.

Former Member
0 Kudos

Simon,

Thanks for the reply

Can we conclude as follows:

"SAP GRC Risk and Remediation alert monitoring and alert notification do not take into account any function permissions settings before, during or after alert analysis. By this logic, users will be reported as soon as alertlog.txt line items correspond with items from the action tab as part of functions, regardless of the fact that those users' user buffer does not have the necessary permissions as specified within that same function."

I have noticed your email suffix sap.com --> Can I consider your answer as an official answer from SAP to my question?

Former Member
0 Kudos

Hi Sam

I agree that I believe your description is correct. However, since I am just a consultant at SAP you cannot take my response as being the official reply.

You would need support, development or solution marketing to make the official response.

Personally I would create an OSS note to confirm your view. Personally nobody has ever asked me this before either at a client or in the many classes I have taught around EMEA.

Former Member
0 Kudos

Absolutely agree with every word that Sam said.

I suffer exactly the same problem. A lot of false positives.

I can't understand why CC-RAR doesn't take into account action-permissions. Will this be fixed by SAP in a future version of GRC-AC?

Thanks in advance

Victor
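
The difference discussed in this thread, as an added Python sketch (not SAP GRC code and not from any poster): it matches the alert log against the two critical action rules by action only, then again after checking the permission values. The ASMITH log line, the USER_AUTHS table and the flattened per-object authorization model are constructed assumptions for illustration.

```python
from collections import namedtuple

# Rules from the question: action -> (auth object, required field values).
# DICBERCLS is the standard authorization-group field of S_TABU_DIS
# (the field name is not given in the thread).
RULES = {
    "SM30": ("S_TABU_DIS", {"ACTVT": "02", "DICBERCLS": "FC31"}),
    "SU01": ("S_USER_GRP", {"ACTVT": "06"}),
}

# The two JDOE lines are from the question; the ASMITH line is constructed.
ALERT_LOG = """\
SYS-001 JDOE SM30 2008-07-28 09:15:07 ENDUSER
SYS-001 JDOE SU01 2008-07-28 09:45:24 ENDUSER
SYS-001 ASMITH SU01 2008-07-28 10:02:11 ENDUSER
"""

# Constructed authorizations: user -> {auth object: {field: held values}}.
# Simplification: values are merged per object, unlike a real user buffer.
USER_AUTHS = {
    "JDOE": {"S_TABU_DIS": {"ACTVT": {"03"}, "DICBERCLS": {"FC31"}},
             "S_USER_GRP": {"ACTVT": {"03"}}},
    "ASMITH": {"S_USER_GRP": {"ACTVT": {"01", "02", "06"}}},
}

Entry = namedtuple("Entry", "system user action date time user_type")

def parse_log(text):
    """Parse whitespace-separated alert log lines, skipping malformed ones."""
    return [Entry(*parts) for parts in
            (line.split() for line in text.splitlines()) if len(parts) == 6]

def holds_permission(user, auth_object, required):
    """True if the user holds every required field value (or '*') for the object."""
    held = USER_AUTHS.get(user, {}).get(auth_object, {})
    return all(value in held.get(field, set()) or "*" in held.get(field, set())
               for field, value in required.items())

def action_only_alerts(entries):
    """Alert on any log entry whose action appears in a critical action rule."""
    return [e for e in entries if e.action in RULES]

def permission_aware_alerts(entries):
    """Same match, but keep only users who hold the rule's permission values."""
    return [e for e in action_only_alerts(entries)
            if holds_permission(e.user, *RULES[e.action])]

if __name__ == "__main__":
    log = parse_log(ALERT_LOG)
    print("action only:     ", [(e.user, e.action) for e in action_only_alerts(log)])
    print("permission aware:", [(e.user, e.action) for e in permission_aware_alerts(log)])
```

With these constructed authorizations, both JDOE entries are reported by the action-only match and dropped by the permission-aware one, which is the false-positive case raised in the question.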