Compliance Calibrator issue
Hello,
I need to delete the existing ruleset from my Compliance Calibrator and then upload a new Ruleset.
However I cannot see Delete Ruleset option in Compliance Calibrator. Kindly help.
Thanks.
Hi,
What actually you want to do? You want to delete whole ruleset with risks, functions etc or only rulset?
If only rulset is to be deleted ,you need to remove it from all associated risks. When the rulset becomes riskless then only you can dleete it.
If you want to create whole new configuration - then better make new riskes, functions and rulset for that, The Rulset associated to will pick those risks-functions only which is associated to it and not old ones.
Regards,
Sabita
Similar Messages
-
Compliance Calibrator Issue with Backend system
Hi Experts,
We have situation where we are unable to run any risk analysis from CC to our backend system.
The error we are getting is " Can not execute BAPI USERLIST, Invalid value in OPTION field of value table for IN itab operator"
and the RFC ID in R/3 system is getting below dump
" The current ABAP/4 program attempted to execute an ABAP/4 Open SQL
statement in which the WHERE condition contains an IN itab operator.
The IN itab operator is used with internal tables which
have the following structure:
SIGN(1) OPTION(2) LOW LIKE db_field HIGH LIKE db_field
The OPTION column should contain only one of the following values:
"EQ LE GE CP BT NE LT GT NP NB"
The value "##" is not allowed here."
The functin module is /VIRSA/ZCC_GET_USER_LIST
Recently we have upgraded our R/3 system to ECC6.0, after upgrade we are geting this error.
Please help us.
Thank you."Recently we have upgraded our R/3 system to ECC6.0, after upgrade we are geting this error."
During upgrade, what method (process) you followed to upgrade VIRSANH ? What is version of VIRSANH , is it 5.3?
Earliar was it VIRSA or VIRSANH installed on your system?
Do you also have SAP_HR component?
regards,
Surpreet -
4.6C to ECC 6.0 upgrade - Issue with Virsa Compliance Calibrator
The issue is that phase IS_SELECT during the PREPARE is not detecting VIRSA as an add-on. This of course will result in VIRSA not being upgraded and the system will be unstable ( note 989368 ). Also, I can't choose to delete the add-on either.
We installed the compliance calibrator before SAP purchased VIRSA. So, the tool was installed through transports, not SAINT. I assume this is why phase IS_SELECT is not seeing the tool.
Any ideas?
-ScottReceived a reply from SAP. Since VIRSA was installed through STMS the IS_SELECT phase will not see the add-on. I had to do the ECC 6 upgrade as normal and then install VIRSA 4.0 for SAP 700 systems through SAINT.
I had to clear SPDD and SPAU as much as possible for /VIRSA/* objects. However, there were six objects I could not clear. This did not cause any issues.
Notes 1006083 and 985617 are needed for this procedure.
Thanks for all the suggestions.
-Scott -
Issue with Compliance Calibrator 5.2 SP9 Background Jobs
Hello,
I'm having an issue with Compliance Calibrator 5.2 SP9 where If I run a role analysis as a background job that has the same parameters as a previously run role analysis background job, the second job that is run will display a failure message. It does not appear to matter if the similar background jobs were run by the same individual or separate individuals. As long as the job that was previously run is still in the background job history, than any job with the same parameters run by a user will fail.
Is this normal operation for CC?
Is there a configuration change that could allow a job to be rerun in the background multiple times?
Is there a fix for this issue in a later support pack or with upgrade to 5.3?
Thanks for the help it's much appreciated,To better clarify what is occurring, the 1st job will run and complete successfully and return/display the appropriate results correctly. The 2nd job will than be subsequently kicked off and finish same as with the previous job except when you open the background results no data is displayed and the message at the bottom reads: Failed to display result. To make more sense of what Iu2019m doing, these are the logical steps Iu2019m following:
1. Select Role Level analysis
2. Enter parameters for analysis
3. Schedule background job to run immediately
4. View background job results (successful job and correct results)
5. Select Role Level analysis (with same or any other user)
6. Enter same parameters as step 2 for analysis
7. Schedule background job to run immediately
8. View background job results (successful job, but the error message: u2018Failed to display resultu2019, instead of seeing the CC reports)
I believe the error is somewhere in the running of a job with the same parameters (Same Role and same Report Type). If I delete the previous jobs from the background history that have the parameters Iu2019m using and try the analysis again, a third time, with the same parameters as before, it will run successfully and display the correct results.
Is this normal and acceptable operation for CC5.2 SP9?
Is there a configuration change that would allow a job to be run in the background multiple times with the correct CC results?
Is there a fix for this issue in a later support pack or with upgrade to 5.3? -
Updating Compliance Calibrator Rule Set
The business has decided to change a few rules by removing a couple of custom tcodes from the rule set. In DEV I go into the Function and remove the objects associated with the tcode and disable the tcode. After running the rule set update there is still some sort of tie. I have created a test ID in DEV with a known issue around each of the changes. I'm not getting a different result when running compliance calibrator.
Any ideas?
We are running R/3 4.6C and compliance calibrator 4.0Can you please check the following demo?
[Virsa Compliance Calibrator Application for SAP v5.1 Demo|http://www.sdn.sap.com/irj/scn/elearn?rid=/library/uuid/d2f1cf9c-0d01-0010-2dac-aedd3c4f7f5b&overridelayout=true]
Please give more details on the step where you got stuck.
Regards,
Dipanjan -
Compliance Calibrator Administrator ID
As stated in the guides, the user id for the GRC Administrators for access to Compliance Calibrator UI is to be created through the UME.
In the UME we have created the user ID with a role with the actions:
UME.AclSuperUser
UME.Batch_Admin
UME.Manage_All
UME.Manage_All_Companies
UME.Manage_Groups
UME.Manage_My_Profile
UME.Manage_Roles
UME.Manage_Users
UME.Sync_Admin
Com.virsa.cc.ChangeAdmins
Com.virsa.cc.ChangeBP
Com.virsa.cc.ChangeBUnit
Com.virsa.cc.ChangeCrActions
Com.virsa.cc.ChangeCrProfiles
Com.virsa.cc.ChangeCrRoles
Com.virsa.cc.ChangeFunction
Com.virsa.cc.ChangeMitCntl
Com.virsa.cc.ChangeMitHRObject
Com.virsa.cc.ChangeMitProfile
Com.virsa.cc.ChangeMitRole
Com.virsa.cc.ChangeMitUser
Com.virsa.cc.ChangeOrgRules
Com.virsa.cc.ChangeRisks
Com.virsa.cc.ChangeRuleSet
Com.virsa.cc.ChangeSupplementRule
Com.virsa.cc.ClearAlert
Com.virsa.cc.CreateAdmins
Com.virsa.cc.CreateBP
Com.virsa.cc.BUnit
Com.virsa.cc.CreateCrActions
Com.virsa.cc.CreateCrProfiles
Com.virsa.cc.CreateCrRoles
Com.virsa.cc.CreateFunction
Com.virsa.cc.CreateMitCntl
Com.virsa.cc.CreateMitHRObject
Com.virsa.cc.CreateMitProfile
Com.virsa.cc.CreateMitRole
Com.virsa.cc.CreateMitUser
Com.virsa.cc.CreateOrgRules
Com.virsa.cc.CreateRisks
Com.virsa.cc.CreateRuleSet
Com.virsa.cc.CreateSupplementRule
Com.virsa.cc.DeleteAdmins
Com.virsa.cc.DeleteAlert
Com.virsa.cc.DeleteBP
Com.virsa.cc.DeleteBUnit
Com.virsa.cc.DeleteCrActions
Com.virsa.cc.DeleteCrProfiles
Com.virsa.cc.DeleteCrRoles
Com.virsa.cc.DeleteFunction
Com.virsa.cc.DeleteMitCntl
Com.virsa.cc.DeleteMitHRsObject
Com.virsa.cc.DeleteMitProfile
Com.virsa.cc.DeleteMitRole
Com.virsa.cc.DeleteMitUser
Com.virsa.cc.DeleteOrgRules
Com.virsa.cc.DeleteRisks
Com.virsa.cc.DeleteRuleSet
Com.virsa.cc.DeleteSupplementRule
Com.virsa.cc.ExportRules
Com.virsa.cc.GenerateAlert
Com.virsa.cc.ImportRules
Com.virsa.cc.MassFuncMaint
Com.virsa.cc.RunAuditReports
Com.virsa.cc.RunRiskAnalysis
Com.virsa.cc.RunSecurityReports
Com.virsa.cc.ViewAlertMonitor
Com.virsa.cc.ViewBgJobLog
Com.virsa.cc.ViewConfiguration
Com.virsa.cc.ViewInformer
Com.virsa.cc.ViewMgmtReport
Com.virsa.cc.ViewRuleArchitect
Basically, this is the administrator role for the UME that we have in the development environment currently.
When we attempt to log on to the Compliance Calibrator, we get logged out immediately.
We do not even see the top bar of the compliance calibrator UI.
I have checked the SDN forums and according to the developers here, it is because there is no JAVA role assigned to the user but we have assigned all the actions to the user.
Do advise if there is a step that we have missed out during the user creation.Hi Chee,
I'm installing Compliance Calibrator 5.1 on WAS7.0. now when i configure the administrator role for Portal user, I'm not able to see any of the com.virsa.cc actions in available actions list.
In the inst guide for CC 5.2 it suggests a alternate method to upload a role file UME Roles file, UMERoles_CC52.txt. Where can we find this file for CC5.1.
Help me on this issue. I'm really troubled due to this with no leads at all.
Please suggest me a way.
Thanks,
Vishal. -
Hi;
I have submitted a job to run in Compliance Calibrator as job type = immidiate, but the job does not appear to start and sits in ready status in State column. Can anyone guess, what the problem can be?
Regards;
SumantaHello,
This is known issue with GRC AC, please stop and start application "sap.com/grc~ccxsysbgear " from Visual Administrator - then you need to wait for some time and it should be started.
Visual Administrator --> Server -->Services --> Deploy --> Choose Application --> sap.com/grc~ccxsysbgear -
> Stop and then Start.
Hope this helps.
Thanks
Davinder -
Is Compliance Calibrator the same as GRC Access Control?
I have been asked to look at<b> Compliance Calibrator </b>and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "<b>SAP GRC Access Control</b>" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called <b>Access Enforcer</b> but have no info on this... can anyone enlighten me?SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.
-
Custom report on Compliance Calibrator Job scheduler
Currently in compliance calibrator it is not possible for a user to view the status, success or otherwise, of another users scheduled job or sync unless granting that user full administrator rights.
Please advise if it's possible to expose the underlying scheduled job table for a given system via a custom built static html web page. Can you advise of the table that results would need to be displayed from and whether there would be any drawbacks of this approach, or if others have somehow solved this problem with another solution, please share?!
What are SAP's timeframe's for finer grained security in CC?below are the tables used for CC:
VIRSA_CC_ACTRULE SAPSR3DB
VIRSA_CC_ACTRULHDR SAPSR3DB
VIRSA_CC_ACTVL SAPSR3DB
VIRSA_CC_ADMIN SAPSR3DB
VIRSA_CC_ALLASTRUN SAPSR3DB
VIRSA_CC_ALLISTDTL SAPSR3DB
VIRSA_CC_ALLISTHDR SAPSR3DB
VIRSA_CC_ALTCDLOG SAPSR3DB
VIRSA_CC_AUTHHT SAPSR3DB
VIRSA_CC_AUTHMAP SAPSR3DB
VIRSA_CC_BKGINP SAPSR3DB
VIRSA_CC_BUAPPVR SAPSR3DB
VIRSA_CC_BUMONITOR SAPSR3DB
VIRSA_CC_BUSPRC SAPSR3DB
VIRSA_CC_BUSPRCT SAPSR3DB
VIRSA_CC_BUSUNIT SAPSR3DB
VIRSA_CC_BUSUNITT SAPSR3DB
VIRSA_CC_CDHDR SAPSR3DB
VIRSA_CC_CDPOS SAPSR3DB
VIRSA_CC_CGROUP SAPSR3DB
VIRSA_CC_CONFIG SAPSR3DB
VIRSA_CC_CRACT SAPSR3DB
VIRSA_CC_CRACTT SAPSR3DB
VIRSA_CC_CRACTVL SAPSR3DB
VIRSA_CC_CRPRM SAPSR3DB
VIRSA_CC_CRPRMVL SAPSR3DB
VIRSA_CC_CRPROF SAPSR3DB
VIRSA_CC_CRPROFT SAPSR3DB
VIRSA_CC_CRROLE SAPSR3DB
VIRSA_CC_CRROLET SAPSR3DB
VIRSA_CC_CRROLEVL SAPSR3DB
VIRSA_CC_DATAEXD SAPSR3DB
VIRSA_CC_DETDESC SAPSR3DB
VIRSA_CC_FLDMAP SAPSR3DB
VIRSA_CC_FUNC SAPSR3DB
VIRSA_CC_FUNCACT SAPSR3DB
VIRSA_CC_FUNCBP SAPSR3DB
VIRSA_CC_FUNCPRM SAPSR3DB
VIRSA_CC_FUNCSYS SAPSR3DB
VIRSA_CC_FUNCT SAPSR3DB
VIRSA_CC_GENACT SAPSR3DB
VIRSA_CC_GENOBJ SAPSR3DB
VIRSA_CC_GENOBJT SAPSR3DB
VIRSA_CC_GENPRM SAPSR3DB
VIRSA_CC_GENUSR SAPSR3DB
VIRSA_CC_GPRMLIST SAPSR3DB
VIRSA_CC_GSEQ SAPSR3DB
VIRSA_CC_JOBHST SAPSR3DB
VIRSA_CC_LASTRUN SAPSR3DB
VIRSA_CC_LOCKTABLE SAPSR3DB
VIRSA_CC_LSYSGRP SAPSR3DB
VIRSA_CC_MGALERTS SAPSR3DB
VIRSA_CC_MGCRTR SAPSR3DB
VIRSA_CC_MGMTBU SAPSR3DB
VIRSA_CC_MGMTTOT SAPSR3DB
VIRSA_CC_MGRISKD SAPSR3DB
VIRSA_CC_MGRISKS SAPSR3DB
VIRSA_CC_MICCTLDTL SAPSR3DB
VIRSA_CC_MICCTLDTT SAPSR3DB
VIRSA_CC_MICEXLOG SAPSR3DB
VIRSA_CC_MICORGDTL SAPSR3DB
VIRSA_CC_MICORGDTT SAPSR3DB
VIRSA_CC_MICPRCDTL SAPSR3DB
VIRSA_CC_MICPRCDTT SAPSR3DB
VIRSA_CC_MICRMAP SAPSR3DB
VIRSA_CC_MICUMAP SAPSR3DB
VIRSA_CC_MITHROBJ SAPSR3DB
VIRSA_CC_MITMON SAPSR3DB
VIRSA_CC_MITPROF SAPSR3DB
VIRSA_CC_MITREF SAPSR3DB
VIRSA_CC_MITREFT SAPSR3DB
VIRSA_CC_MITRISK SAPSR3DB
VIRSA_CC_MITROLE SAPSR3DB
VIRSA_CC_MITRPT SAPSR3DB
VIRSA_CC_MITUSER SAPSR3DB
VIRSA_CC_MITUSRORG SAPSR3DB
VIRSA_CC_MONAPV SAPSR3DB
VIRSA_CC_MSG SAPSR3DB
VIRSA_CC_MSGPRMS SAPSR3DB
VIRSA_CC_MSGTYP SAPSR3DB
VIRSA_CC_OBJTEXT SAPSR3DB
VIRSA_CC_ORGRULE SAPSR3DB
VIRSA_CC_ORGRULEM SAPSR3DB
VIRSA_CC_ORGRULET SAPSR3DB
VIRSA_CC_ORGUSERS SAPSR3DB
VIRSA_CC_PRMRULE SAPSR3DB
VIRSA_CC_PRMVL SAPSR3DB
VIRSA_CC_RISK SAPSR3DB
VIRSA_CC_RISKFUNC SAPSR3DB
VIRSA_CC_RISKOWN SAPSR3DB
VIRSA_CC_RISKRS SAPSR3DB
VIRSA_CC_RISKT SAPSR3DB
VIRSA_CC_ROLEVL SAPSR3DB
VIRSA_CC_RTMAP SAPSR3DB
VIRSA_CC_RULESET SAPSR3DB
VIRSA_CC_RULESETT SAPSR3DB
VIRSA_CC_SAPOBJ SAPSR3DB
VIRSA_CC_SCHEDULER SAPSR3DB
VIRSA_CC_SUPP_DET SAPSR3DB
VIRSA_CC_SUPP_HDR SAPSR3DB
VIRSA_CC_SUPP_TEXT SAPSR3DB
VIRSA_CC_SYSCRACT SAPSR3DB
VIRSA_CC_SYSHMAP SAPSR3DB
VIRSA_CC_SYSRULE SAPSR3DB
VIRSA_CC_SYSSAPOBJ SAPSR3DB
VIRSA_CC_SYSTEM SAPSR3DB
VIRSA_CC_SYSTEMC SAPSR3DB
VIRSA_CC_SYSTEMT SAPSR3DB
VIRSA_CC_SYSUSR SAPSR3DB
VIRSA_CC_TEXTKEY SAPSR3DB
VIRSA_CC_THREAD SAPSR3DB
VIRSA_CC_USRMAP SAPSR3DB
VIRSA_CC_VARIANT SAPSR3DB
VIRSA_CC_VARVAL SAPSR3DB
VIRSA_CC_WFOBJ SAPSR3DB
VIRSA_CC_XSRULEMAP SAPSR3DB
VIRSA_CC_XSYSGRP SAPSR3DB
You can go and check which one contains the scheduling info (VIRSA_CC_SCHEDULER ??)
Hope this helps -
Compliance Calibrator: Background jobs didn't bring in the correct data.
Hi Gurus;
In Compliance Calibrator; background jobs were last run on 5/27/09 but the management report shows that the summary is as of 5/20/09. That should have been updated uptill 5/27/09 and the new number of conflicts should have come up, which it didn't. What can be the problem?
Thanking you;
RajaHi Harleen;
This job was actually set by the client. So when I went to check the parameters of the jobs, I found that the field MGR_ANALYSIS consists of Field value "N". Does this mean that the Management Analysis box was not ticked when this job was scheduled?
Regards;
Raja -
Custom Risks in Compliance Calibrator?
Hello,
Can someone please verify this process for me?
My understanding is that once you create and configure a custom risk in Compliance Calibrator 5.2, you simply click generate and can then immediately run a risk analysis using the new custom risk.
Is there any kind of a background job required to synchronise the new custom rule prior to running a risks analysis or any steps that I'm missing?
Thanks your help is much appreciated,Hi Adamo,
This is the exact process you need to follow. Once you create main risk and generate rules, you should be able to see the risk in CC. Have you enabled the particular risk? You can go to informer and try to run a simulation or ad-hoc analysis on that particular risk.
Regards,
Alpesh -
How to add my own iview in Compliance Calibrator
Hi Experts,
can plaese tell me how to add my own iview in Compliance Calibrator 5.1.Anubha,
If you are trying to add an iview or URL to Compliance Calibrator you have to login as an administrator go into the configuration tab, and go to Custom tabs toward the bottom of the left screen. Here you can add custom URL links that will appear as tabs in Compliance Calibrator.
Hope this helps
Gabe -
Compliance Calibrator SOD Conflict (FI01 and FB05)
I was hoping that someone could provide some insight as to why the "FI01 - Create Bank" and "FI02 - Change Bank" transactions would create a risk (in Compliance Calibrator) when coupled in the same security role with the "FB05 - Post with Clearing" transaction. The risk description given by Compliance Calibrator is "Maintain bank account and post a payment from it".
The FI01 and FI02 t-codes appear to only create/change routing numbers or addresses for banks. There is no ability to create or change an actual bank account. This alone doesn't seem to create a conflict when coupled with a posting transaction. Is there possibly some functionality that I am missing?Hi Joshua,
I strongly agree with you that there is no SOD conflict technically with FI01, FI02 with FB05 although the wording of the SOD conflict in a business sense meaning Maintain Bank Accounts vs Posting Payments sounds more like a Conflict.
I dont see by anyway how you can maintain actual bank account in either FI01, FI02.
FI01 and FI02 - Maintain Bank Info like Bank Address, Bank Key and soforth.
FB05 - Make Payments to various accounts.
Regards,
Kiran Kandepalli. -
Compliance Calibrator v.4.0 Installation Guide?
Does anyone have a Compliance Calibrator v.4.0 Installation Guide? I cannot find one on SAP Service Marketplace.
I have found a Security Guide, User Guide Supplement, User Guide, but no installation guide.
Thank you!Hi there,
I have the guide, and I can give it to you.
Reach out to me at [email protected] and I'll get it to you.
Thanks,
Santosh -
SAP GRC 5.2 Compliance Calibrator rule sets for HR module
HI All,
The company i am working for has done installation of GRC 5.2. I would like to download the SAP out of box Compliance Calibrator rule sets for HR function module in a spreadsheet format.
I would like to download the rule set for risks at Function level, Tcode level and also at authorization object level in ABAP and Roles, actions and permissions in JAVA.
I will discuss with the BPAs, internal auditors and come up with a new rule set exclusively for my company needs with the help of the above spreadhseet.
Please tell me what steps i need to do to get this thing done.Please go through the process but save these as txt files for UNIX. I am not sure about 5.2 but CC4 was not uploading rule files correctly if file was not saved for TXT for UNIX.
Regards,
Harry Sidhu
Maybe you are looking for
-
RHEL 6 for EBS 11i (11.5.10.2)
Hi hussein, I posted a thread in here before about our company buying or upgrading to a newer server which is of higher-end and with bigger CPUs and Memories. We are currently running EBS 11i (11.5.10.2) on the current server which is about 6 years o
-
Most of my music is missing, I can not locate them on my computer.
This is unfortuante. The Itunes store won't allow me to repurchase these songs, and they are missing from my library. I need help. Thanks
-
Transfer of Digital Signature Files
I've transferred my copy of Acrobat 7.1 Standard to another computer and I want to copy over my digital signature file. I can't find the file on my old computer. Could someone tell me how I can move a signature file to another computer? Jerry Judd
-
Hi. I need to download a file to pdf format by clicking a link. I already i have implemented this in excel format by setting a content type as vnd.ms-excel. But if i done this same for pdf as below response.setContentType("application/pdf"); response
-
Enhancemnt on MIRO to populate default quantities reamaing on PO Item
Enhancement Experts, Here is my requirement. While posting the MIRO, after entering the PO, system brings all the Line items for the PO with amount and quantity fields blank. now the user want to default the remaining quantity on PO by looking at al