AC 5.3 Risk Analysis to SRM 7.0

Hi SAP experts.
I would like to know if its posible to execute a Risk Analysis through a SRM 7.0 module, and instead of transacctions if it is posible to use the webdynpro links like actions or tcodes.
My doubt is based on the fact that in SRM 7.0 the proper tcodes like BPP* are not use in this release, and these are changed by webdynpro links. Is it possible to use that links as tcodes for the SoD Matrix?
Thanks in advance.
Regards.

Hi Kunal.
Firstly, thanks a lot for your support.
In addition, I know that with the previous release of SRM, is posible to conect SAP GRC AC with SRM. But if I create a conector like to a SAP system from GRC to SRM, do you think that is imposible to associate that kind of webdynpro links as an AC action?
On the other hand, instead of create a conector SAP, I create a conector, like a NON SAP system from GRC to SRM, could be this a possible way to match Access control actions with SRM webdynpro links?.
And finally, is possible to execute a RAR analysis to a posible Cross-System between ECC and ERM (configured as NON SAP system)?
Thanks in advance.
Regards.

Similar Messages

AE 5.2 cross system risk analysis with CC 4.0

Hi,
We have an unique situation.
We have CC 4.0 (central) set up in ECC system where the rules and risks are defined for systems such as R/3, HR and SRM
We need AE to use this central CC system to do the risk analysis when an access request for HR or SRM is submitted in AE 5.2. Right now for a request to a HR system, risk analysis is being done in HR system where there are no rules and hence no risks are identified.
Environment :
CC 4.0 in ECC 5.0 with VIRSANH RTA 520_640 Level 3 and VIRSAHR RTA 520_640 Level 2
AE 5.2 JAVA in NW 7.0 SP level 2
Risk analysis for Access requests to ECC system is done with out any issues and the connectors in AE are defined as well as CC 4.0 configuration for cross system is enabled.
Please give your suggestions and also tell me if this below scenario is possible.
Use CC 5.2 Java stand alone system and define logical/cross system to connect to multiple systems such as HR and SRM and use those specific rules to do the risk analysis.
Thanks

Hi RM,
You can setup Risk Analysis inside AE Configuration.
You can identify the level of risk analysis and specify the Compliance Calibrator version for processing risks.
See the details from the AE Configuration Manual
In the Select Compliance Calibrator Version pane, from the Version drop-down list, select the version of Compliance Calibrator.
In the URI field, enter the appropriate URI address for the web services.
In the User Name field, enter your User ID. Your User ID must have security access
to web service.
In the Password field, type your password.
Select the Perform Org Rule Analysis option to perform org. rule analysis at risk
analysis time.
Note: There are two selectable versions of Compliance Calibrator. If you select 5.0 Web Service, three additional fields appear (URI, User Name, and Password). For the URI field, you need to navigate to the
SAP NetWeaver Web Application Server Home page > Web Services Navigator > CCRiskAnalysisService > WSDLs > Standard link of Document, where you will see a list of all web
services in the server. Select the desired URI address.
If you select Compliance Calibrator 4.0, there is no need to connect to a URI address
So the answer is YES, you can connect AE 5.2 with CC 4.0 for Risk Analysis.
Hope this helps,
Regards,
Kiran Kandepalli.

Risk Analysis for Third party ERP system

We want to perform offline risk analysis for third party ERP(SRM) system.... We have already GRC system installed with Global rule set for SAP ERP & want to have another ruleset for offline risk analysis.
Just would like to have a confirmation for below steps & estimated time for this.
Activities Need to be performed from Our side(Client) :-
1) Send the RAR format for Users/Roles/Actions & Permissions.
2) Cross Verify the format.
3) Create the connector for stored files.
4) Upload the files via Data Extraction utility.
5) Generate the ruleset for SRM(third party).
6) Schedule the various background jobs.
Activities Need to be Performed from Third Party - HUBWOO(Owns SRM ERP system) :-
1) Convert users/action/roles and permissions files to RAR format.
Activities need to be Performed from SAP :-
1) Provide the ruleset for HUBWOO SRM system.
Please let me know if I missed any step above & estimated time to complete from our end & did anyone has come across ruleset for HUBWOO system..?
Thanks in Advance!!

Thanks all for your reply,
Alpesh, but still I have small concern here, when SAP provide the ruleset files, it also provides for Oracle, People soft & JDE ERP.
Though these are also third party ERP's for SAP...?
Does it mean that we can'task for ruleset for other third party ERP from SAP...? or does SAP Charge something for it..?
Thanks

GRC AC 10:How to generate Access Rule? No output from User or Risk Analysis

Hello Gurus,
We have done configuration of GRC AC 10, and uploaded files via
SoD rules -->Upload Rules
After that we generated SoD rules for Risk Id : B001 and B002
Now when we go to NWBC --> Reports & Analytics >Access Dashboards>Access Rule Library
The report shows (for Group Rule level : Action)
Number of Active rules : 0
Number of Disabled Rules : 0
Number of Functions : 151
Where as for Group Rule level : Action Risk
The report shows
Number of Active Risk : 42
Disabled risk : 161
Nmr. of functions : 151 .
When we perform Risk Analysis at User Level or Role Level, the output is empty !!!
Note: All the background jobs have run successfully.
Also the SoD files also have been uploaded successfully.
Will you please guide how can i activate the "rules" for the uploaded risk ??
regards,
Victor

Hello Victor/ Inder,
For Risk ID B001functions are BS02 and BS11 if you open any one of them you can see system maintained as SAP BASIS which is SAP_BAS_LG (logical connector group).
Post installation you can check in SPRO>Governance, Risk and Compliance-> common Component---> integration framework-> maintain connector and connector types->select SAP and click Define connector Group.
BUSINESS     Business Roles     SAP
SAP_BAS_LG     SAP Basis     SAP
SAP_CRM_LG     SAP CRM     SAP
SAP_ECC_LG     SAP ECCS     SAP
SAP_HR_LG     SAP HR     SAP
SAP_NHR_LG     SAP R3 - NON HR Basis Logical Group     SAP
SAP_R3_LG     SAP R3     SAP
SAP_SRM_LG     SAP SRM     SAP
(If not present then manually you can create the same)
Select SAP_BAS_LG and put connector type as SAP, select SAP_BAS_LG and click Assign Connector group to group types as AM & LG, then click on Assign Connector to connector group and maintain you connector.
Post this activity re generate SOD for B001 and then check for user level and role level analysis.
Hope it will resolve your issue.
Regards,
Sudesh

Ad hoc Risk Analysis report is returning incorrect Risk Level for some Risks

We are running GRC AC 10.0 with SP 16. After application of Support Pack 16, some of our ad hoc risk analysis reports are returning incorrect risk levels. For example: Risk F024 Open closed periods and inappropriately post currency or tax entries is set as High. When the Ad hoc report is run, the risk F024 will show on a user with a level of Medium. We have generated our ruleset and have followed the normal procedures used to implement the support pack. Any ideas what is causing this issue? I have exhausted my knowledge and search attempts.
Any help is appreciated.
Sara B.

Hi Kevin
Many thanks for your post, we did run a full BRA but no luck unfortunately. Some Risks still reporting as Medium when they should be Critical or High. Oddly it is reporting correctly against some risks just not for all!
Cheers
Hussain

Issue with risk analysis report in GRC10.0

Hi All,
We are running the user risk analysis report from NWBC: Reports and Analytics -> Access Risk Analysis Reports -> User Risk Violation report.
This report is not fetching all the data even though user has all the required authorizations.
We are getting the data when we execute the dashboard reports.
Any one has idea?
Cheers
Hari

Alessandro,
Thanks for the reply. I am aware of this.
Problem is when dash board report is showing the risk for the user but risk anaylsis report in Reports and Analytics is not showing the risks to that user.
As per our investigation, the risk data that is displaying in the risk anaylsis report in Reports and Analytics is incomplete. We didn't find any errors in SLG1. Also there is no issues from authorizations side.
Regards
Hari

Mass role risk analysis issue

Hello GRC Community,
I have a following issue:
When I use mass risk analysis the deactivated authorization objects in the role are displayed as result. At the same time, when I use Role Level Risk Analysis the role with deactivated critical authorization objects doesnt appear.
Does anybody know how to solve this issue? Is there any configuration parameter to be adjusted?
thanks
best regards
Sabrina

Prasant,
here are the screenshots of the Job result:
1. Mass role Risk Analysis
2. Risk Analysis on the (Single) Role Level
Im Backend you can see that the role contains lots of deactivated autorization objects.
I have run all sync Jobs, but seemingly it doesnt help.
Thanks,
Sabrina

No result /report when weu00B4re running a risk analysis in background

Dear forum,
We are running several risk analysis in background (from configuration tab) and we cannot see any result
in the column called "result". However, when we run a offline analysis (from informer tab) we can see that the column "result" is containing a file.
Hope you can help us.
Thanks in advance.

Running risk analysis in background from the configuration tab does not produce a report by design. This background job is really just performing a system maintenence activity and is not intended for report generation. This background job preps data for performing offline analysis as well as the underlying data that supports the management reports in the informer tab (among other things). Generally, anything in the configuration tab is system maintenance related.
It sounds like you're attempting to perform typical analysis of end user access, not system maintenance activities. The informer tab is what you need to be using to perform the analysis.
Within the informer tab, whether you choose to perform online analysis or offline analysis, a report result is always generated. In my experience, there has not been a compelling reason to use offline analysis capabilities within the informer tab. Online analysis (real-time analysis of the SAP system rather than the offline data from the last configuration tab background risk analysis) is naturally always current, which is a plus.

CUP 5.3: risk analysis in workflow impossible due to web service performance?

Hello experts,
We are facing a huge challenge within a AC 5.3 implementation.
Here, AC has been used successfully with CUP and RAR for quite some time now. However, the RAR analysis has not yet been integrated into the CUP workflow. We would like to integrate the RAR analyis in CUP now.
Based on the existing role concept (that uses functional master roles and derived roles per company code, with ca. 30 company codes in place) and the shared service operations in some areas such as FI, there is a large number of users with many roles and consequently, many SoD risks (of course, they are all "repeat" risk per company code).
This leads to a long RAR analysis run time, but it's still acceptable. Analysis on permission level for such "power users" runs about 1 minute, on action level about 5-6 seconds.
However, the web service between RAR und CUP is a problem and cannot cope with our violations. We have currently set the threshold to 75000. In this case, the analysis + web service runs 1-2 minutes. However, we have some users with 200-300.000 violations. In this case, if we deactivate the threshold, we will experience a web service time-out eventually, even with analysis on action level because the amount of violations the web service has to process is the same (or even higher with some false positives).
We also have compensating controls in place for these power users, which will of course reduce the web service run-time considerably. However, this is not applicable to NEW user requests because for those, the compensating controls will be assigned only AFTER the risk analysis has taken place and the risk manager receives the workflow item.
Has anyone experienced this in the past and found a viable solution or work-around? We are basically short of options and considering dropping the project.
Note: An upgrade to 10.X is not (currently) a solution because this upgrade is scheduled and budgeted only for later.
Thanks a lot and best regards
Patrick

Any opinions on this?
Cheers and thanks
Patrick

Error while executing the Job for Objects :null Batch Risk Analysis

Hi All,
We've recently upgraded Virsa to version 5.3_14 . I'm encountering a problem when executing the Batch Risk Analysis job for users, roles and profiles. The job does not complete for some objects and it seems to be sporadic and shows this error: -
Background Job History: job id=395, status=2, message=Error while executing the Job for Object(s) :ABROWN:null
I've attached the log for your review.
Thanks in advance for your help.
Linda Lewis
Feb 9, 2011 1:47:53 PM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
FINEST: ObjAuthMatcher constructed: 4ms, #singles=2141, #ranges=0, #super=0
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
WARNING: Job ID:395 : Failed to run Risk Analysis
java.lang.StringIndexOutOfBoundsException at java.lang.String.substring(String.java:1019)
at com.virsa.cc.xsys.util.RuleLoader.getPermRule(RuleLoader.java:573)
at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1609)
at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:321)
at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1166)
at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1464)
at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:560)
at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:363)
at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:375)
at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:92)
at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:332)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:207)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.util.Lock lock
FINEST: Lock:1004
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.util.Lock unlock
FINEST: Unlock:1004
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchRiskAnalysis
WARNING: Error: while executing BatchRiskAnalysis for JobId=395 and object(s):ABROWN: Skipping error to continue with next object: null Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.bg.BgJob updateJobHistory
FINEST: --- @@@@@@@@@@@ Updating the Job History -
2@@Msg is Error while executing the Job for Object(s) :ABROWN:null
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
INFO: -
Background Job History: job id=395, status=2, message=Error while executing the Job for Object(s) :ABROWN:null
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.util.Lock lock
FINEST: Lock:1004
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.util.Lock unlock
FINEST: Unlock:1004
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchRiskAnalysis
INFO: --- BKG User Permission Analysis (System: P20:020) completed --- elapsed time: 4522 ms
Feb 9, 2011 1:47:54 PM com.virsa.cc.xsys.util.Lock lock
Edited by: Linda Lewis on Feb 9, 2011 9:08 PM

Hi,
Was a solution found for this error?
Thanks,
Glen

Error while doing risk analysis for a user

Hi ,
When i did risk analysis at user level for a particular user we are getting this error under level ."Exception!!. No relavent language message available in database for :0292".I had reuploaded the the messages text file but still the error persists i have restarted the j2ee application but still the error is not going .any pointers please thanx in advance.When checked the file CC5.3_MESSAGES.txt it does not contain any entry corresponding to message code 0292.So how shud i proceed.
Edited by: Ambarish annapureddy on Jan 21, 2009 12:54 PM

Hi Ambarish,
What is the patch level of GRC AC 5.3? Did you apply any service pack recently? Did the service pack contain any message file? There has to be some message file which contains message '0292'. If you can not find the message file then open a message with SAP support and they should be able to provide it to you.
Regards,
Alpesh

Job Error- Batch Risk Analysis (Role Full Sync)

Hi Experts,
I have schedule the background job for Role analysis(Full Sync), but it gives an error- status error.
all connections are working fine and pasted the error log for your reference.
Oct 25, 2010 11:56:36 AM com.virsa.cc.common.util.ExceptionUtil logError
SEVERE: null
java.lang.NullPointerException
     at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthChgRoleInputElement.wdGetObject(IPublicBackendAccessInterface.java)
     at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
     at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
     at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
     at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
     at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedRoles(BackendAccessInterface.java:3735)
     at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedRoles(BackendAccessInterface.java:3724)
     at com.virsa.cc.comp.BackendAccessInterface.getObjDetails(BackendAccessInterface.java:1428)
     at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.getObjDetails(InternalBackendAccessInterface.java:4327)
     at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.getObjDetails(InternalBackendAccessInterface.java:4796)
     at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjDetails(DataExtractorSAP.java:630)
     at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.getObjInfoFromSource(AnalysisEngine.java:4140)
     at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1754)
     at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:317)
     at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
     at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1366)
     at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
     at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
     at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:375)
     at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:92)
     at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
     at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
     at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
     at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
     at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
     at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
     at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
     at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
     at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
     at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
     at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
INFO: Job ID:23 : Analysis done: T_00035951_H_IXOSCFGS elapsed time: 666 ms
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.bg.BgJob setStatus
INFO: Job ID: 23 Status: Error
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.bg.BgJob setStatus
INFO: Job ID: 23 Status: Error
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
INFO: Detailed Analysis Time:
Risk Analysis Time: Started @:Mon Oct 25 11:56:36 EDT 2010
Rule Load Time: Started @:Mon Oct 25 11:56:36 EDT 2010
Rule Load Time:0millisec
Org Rule Loop Time: Started @:Mon Oct 25 11:56:36 EDT 2010
Rule Loop Time: Started @:Mon Oct 25 11:56:36 EDT 2010
Rule Loop Time:648millisec
Org Rule Loop Time:649millisec
Risk Analysis Time:686millisec
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
FINEST: Lock:1004
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
FINEST: Unlock:1004
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
FINEST: Lock:1004
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
FINEST: Unlock:1004
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
INFO: Job ID:23 : Exec Risk Analysis
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
INFO: Job ID:23 : Before Rules loading, elapsed time: 2 ms
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
INFO: Job ID:23 : Analysis starts: T_00035952_H_PMREAD_I
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
FINEST: Lock:1005
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
FINEST: Unlock:1005
Oct 25, 2010 11:56:36 AM com.virsa.cc.common.util.ExceptionUtil logError
SEVERE: null
java.lang.NullPointerException
     at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForRoleInputElement.wdGetObject(IPublicBackendAccessInterface.java)
     at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
     at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
     at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
     at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
     at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.executeBAPI(InternalBackendAccessInterface.java:4696)
     at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:213)
     at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:105)
     at com.virsa.cc.xsys.meng.MatchingEngine.getObjActions(MatchingEngine.java:813)
     at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:121)
     at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1407)
     at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:317)
     at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
     at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1366)
     at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
     at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
     at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:375)
     at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:92)
     at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
     at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
     at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
     at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
     at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
     at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
     at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
     at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
     at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
     at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
     at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
     at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
FINEST: ObjAuthMatcher constructed: 0ms, #singles=27, #ranges=0, #super=0
Oct 25, 2010 11:56:37 AM com.virsa.cc.common.util.ExceptionUtil logError
Kindly do the needful.
Regards,
Arjun.

Hi,
1.Please check what type of connection is configuired in RAR(Adaptive RFC or SAPJCO). Please switch the connection type to SAPJCO.
2. Please check the daemon & daemon manager statues.
3. Check the Job threds in daemon manager after sechudeling job.
Regards,
Arjun.

Error while executing Batch Risk Analysis job in full sync mode

Hi Gurus,
I am getting following error while executing Batch Risk Analysis job in full sync mode for the first time, please help me out.
May 12, 2011 3:57:26 AM com.virsa.cc.multi.node.dao.NodeDAO deleteMTGenObjTable
INFO: In deleteMTGenObjTable() deleting from VIRSA_CC_MTGENOBJ for jobid = 100
May 12, 2011 3:59:53 AM com.virsa.cc.multi.node.dao.NodeDAO deleteMTGenObjTable
INFO: In deleteMTGenObjTable() deleting from VIRSA_CC_MTGENOBJ for jobid = 100
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchSyncAndAnalysis
INFO: --- Batch Sync/Analysis/Mgmt Report completed --- elapsed time: 104907817 ms
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.bg.BgJob setStatus
INFO: Job ID: 100 Status: Error
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.bg.BgJob updateJobHistory
FINEST: --- @@@@@@@@@@@ Updating the Job History -
2@@Msg is Error Job not completed
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
INFO: -
Background Job History: job id=100, status=2, message=Error Job not completed
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob scheduleJob
INFO: -
Complted Job =>100----
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob scheduleJob
INFO: Daemon idle time longer than RFC time out, terminating daemon [211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/. Thread ID 0
May 12, 2011 3:59:53 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob start
INFO: Analysis Daemon ID [211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/. Thread ID 0 terminiated
May 12, 2011 4:00:35 AM com.virsa.cc.xsys.bg.AnalysisDaemonThread run
FINEST: Analysis Daemon Thread: Invoking (HTTP): http://10.66.218.68:52100/webdynpro/dispatcher/sap.com/grc~ccappcomp/BgJobStart?daemonId=[211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/.&threadId=0&daemonType=BG
May 12, 2011 4:01:36 AM com.virsa.cc.xsys.bg.AnalysisDaemonThread run
FINEST: Analysis Daemon Thread: Invoking (HTTP): http://10.66.218.68:52100/webdynpro/dispatcher/sap.com/grc~ccappcomp/BgJobStart?daemonId=[211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/.&threadId=0&daemonType=BG
May 12, 2011 4:02:37 AM com.virsa.cc.xsys.bg.AnalysisDaemonThread run
FINEST: Analysis Daemon Thread: Invoking (HTTP): http://10.66.218.68:52100/webdynpro/dispatcher/sap.com/grc~ccappcomp/BgJobStart?daemonId=[211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/.&threadId=0&daemonType=BG
May 12, 2011 4:02:37 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob start
INFO: Analysis Daemon ID [211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/. Thread ID 0 started
May 12, 2011 4:02:38 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob start
FINEST: Another Analysis Daemon ID [211288050]/usr/sap/DAC/JC21/j2ee/cluster/server0/. Thread ID 0 is already running

Hi,
May be it worked in your case How the job names going to affect the execution of the job. The issue is purely because of RFC timeout (As per the logs). I recommend to change the parameter in the configuration tab as recommended by Sunny in the previous thread.
Regards,
Raghu

Error while running risk analysis.

Hi,
I am facing problem, while running risk analysis from Access Enforcer for a particular application. Infact problem is for all the connectors. I have done required configuration.
Error i am getting is "Risk analysis failed: Exception from the service : Risk Analysis failed".
Please suggest.
Thanks in Advance.
Regards,
Pravin.

Problem was with JCO connection.

Getting "Risk Analysis Failed " error while raising request from IDM

Hi friends,
Some of the User to Role mapping requests from IDM did not reach CUP (request ID = null) . When noticed the VDS log , we found the error from GRC webservice to be Risk Analysis Failed . We thought it might be an RAR issue , however , the request just got through CUP when submitted from GRC webservice directly . From RAR perspective also, everything looks ok .
Please provide your thoughts as to whether this error is pertaining to some other issue or suggest me what I can check in Identity center to correct this .
Thanks in advance for your help .

The connector set up are all looking correct . However the requests are not getting raised in many cases .
At one point we identified that , since our SAP systems have been migrated to DB2, some of the systems were down .
So when the system is down we decided , Risk analysis is failing . however , now the systems are up and running and still the risk analysis is failing .

AC 5.3 Risk Analysis to SRM 7.0

Similar Messages

Maybe you are looking for