Compliance Calibrator issue

Hello,
I need to delete the existing ruleset from my Compliance Calibrator and then upload a new Ruleset.
However I cannot see Delete Ruleset option in Compliance Calibrator. Kindly help.
Thanks.

Hi,
What actually you want to do? You want to delete whole ruleset with risks, functions etc or only rulset?
If only rulset is to be deleted ,you need to remove it from all associated risks. When the rulset becomes riskless then only you can dleete it.
If you want to create whole new configuration - then better make new riskes, functions and rulset for that, The Rulset associated to will pick those risks-functions only which is associated to it and not old ones.
Regards,
Sabita

Similar Messages

Compliance Calibrator Issue with Backend system

Hi Experts,
We have situation where we are unable to run any risk analysis from CC to our backend system.
The error we are getting is " Can not execute BAPI USERLIST, Invalid value in OPTION field of value table for IN itab operator"
and the RFC ID in R/3 system is getting below dump
" The current ABAP/4 program attempted to execute an ABAP/4 Open SQL
statement in which the WHERE condition contains an IN itab operator.
The IN itab operator is used with internal tables which
have the following structure:
SIGN(1) OPTION(2) LOW LIKE db_field HIGH LIKE db_field
The OPTION column should contain only one of the following values:
"EQ LE GE CP BT NE LT GT NP NB"
The value "##" is not allowed here."
The functin module is /VIRSA/ZCC_GET_USER_LIST
Recently we have upgraded our R/3 system to ECC6.0, after upgrade we are geting this error.
Please help us.
Thank you.

"Recently we have upgraded our R/3 system to ECC6.0, after upgrade we are geting this error."
During upgrade, what method (process) you followed to upgrade VIRSANH ? What is version of VIRSANH , is it 5.3?
Earliar was it VIRSA or VIRSANH installed on your system?
Do you also have SAP_HR component?
regards,
Surpreet

4.6C to ECC 6.0 upgrade - Issue with Virsa Compliance Calibrator

The issue is that phase IS_SELECT during the PREPARE is not detecting VIRSA as an add-on. This of course will result in VIRSA not being upgraded and the system will be unstable ( note 989368 ). Also, I can't choose to delete the add-on either.
We installed the compliance calibrator before SAP purchased VIRSA. So, the tool was installed through transports, not SAINT. I assume this is why phase IS_SELECT is not seeing the tool.
Any ideas?
-Scott

Received a reply from SAP. Since VIRSA was installed through STMS the IS_SELECT phase will not see the add-on. I had to do the ECC 6 upgrade as normal and then install VIRSA 4.0 for SAP 700 systems through SAINT.
I had to clear SPDD and SPAU as much as possible for /VIRSA/* objects. However, there were six objects I could not clear. This did not cause any issues.
Notes 1006083 and 985617 are needed for this procedure.
Thanks for all the suggestions.
-Scott

Issue with Compliance Calibrator 5.2 SP9 Background Jobs

Hello,
I'm having an issue with Compliance Calibrator 5.2 SP9 where If I run a role analysis as a background job that has the same parameters as a previously run role analysis background job, the second job that is run will display a failure message. It does not appear to matter if the similar background jobs were run by the same individual or separate individuals. As long as the job that was previously run is still in the background job history, than any job with the same parameters run by a user will fail.
Is this normal operation for CC?
Is there a configuration change that could allow a job to be rerun in the background multiple times?
Is there a fix for this issue in a later support pack or with upgrade to 5.3?
Thanks for the help it's much appreciated,

To better clarify what is occurring, the 1st job will run and complete successfully and return/display the appropriate results correctly. The 2nd job will than be subsequently kicked off and finish same as with the previous job except when you open the background results no data is displayed and the message at the bottom reads: Failed to display result. To make more sense of what Iu2019m doing, these are the logical steps Iu2019m following:
1. Select Role Level analysis
2. Enter parameters for analysis
3. Schedule background job to run immediately
4. View background job results (successful job and correct results)
5. Select Role Level analysis (with same or any other user)
6. Enter same parameters as step 2 for analysis
7. Schedule background job to run immediately
8. View background job results (successful job, but the error message: u2018Failed to display resultu2019, instead of seeing the CC reports)
I believe the error is somewhere in the running of a job with the same parameters (Same Role and same Report Type). If I delete the previous jobs from the background history that have the parameters Iu2019m using and try the analysis again, a third time, with the same parameters as before, it will run successfully and display the correct results.
Is this normal and acceptable operation for CC5.2 SP9?
Is there a configuration change that would allow a job to be run in the background multiple times with the correct CC results?
Is there a fix for this issue in a later support pack or with upgrade to 5.3?

Updating Compliance Calibrator Rule Set

The business has decided to change a few rules by removing a couple of custom tcodes from the rule set. In DEV I go into the Function and remove the objects associated with the tcode and disable the tcode. After running the rule set update there is still some sort of tie. I have created a test ID in DEV with a known issue around each of the changes. I'm not getting a different result when running compliance calibrator.
Any ideas?
We are running R/3 4.6C and compliance calibrator 4.0

Can you please check the following demo?
[Virsa Compliance Calibrator Application for SAP v5.1 Demo|http://www.sdn.sap.com/irj/scn/elearn?rid=/library/uuid/d2f1cf9c-0d01-0010-2dac-aedd3c4f7f5b&overridelayout=true]
Please give more details on the step where you got stuck.
Regards,
Dipanjan

Compliance Calibrator Administrator ID

As stated in the guides, the user id for the GRC Administrators for access to Compliance Calibrator UI is to be created through the UME.
In the UME we have created the user ID with a role with the actions:
UME.AclSuperUser
UME.Batch_Admin
UME.Manage_All
UME.Manage_All_Companies
UME.Manage_Groups
UME.Manage_My_Profile
UME.Manage_Roles
UME.Manage_Users
UME.Sync_Admin
Com.virsa.cc.ChangeAdmins
Com.virsa.cc.ChangeBP
Com.virsa.cc.ChangeBUnit
Com.virsa.cc.ChangeCrActions
Com.virsa.cc.ChangeCrProfiles
Com.virsa.cc.ChangeCrRoles
Com.virsa.cc.ChangeFunction
Com.virsa.cc.ChangeMitCntl
Com.virsa.cc.ChangeMitHRObject
Com.virsa.cc.ChangeMitProfile
Com.virsa.cc.ChangeMitRole
Com.virsa.cc.ChangeMitUser
Com.virsa.cc.ChangeOrgRules
Com.virsa.cc.ChangeRisks
Com.virsa.cc.ChangeRuleSet
Com.virsa.cc.ChangeSupplementRule
Com.virsa.cc.ClearAlert
Com.virsa.cc.CreateAdmins
Com.virsa.cc.CreateBP
Com.virsa.cc.BUnit
Com.virsa.cc.CreateCrActions
Com.virsa.cc.CreateCrProfiles
Com.virsa.cc.CreateCrRoles
Com.virsa.cc.CreateFunction
Com.virsa.cc.CreateMitCntl
Com.virsa.cc.CreateMitHRObject
Com.virsa.cc.CreateMitProfile
Com.virsa.cc.CreateMitRole
Com.virsa.cc.CreateMitUser
Com.virsa.cc.CreateOrgRules
Com.virsa.cc.CreateRisks
Com.virsa.cc.CreateRuleSet
Com.virsa.cc.CreateSupplementRule
Com.virsa.cc.DeleteAdmins
Com.virsa.cc.DeleteAlert
Com.virsa.cc.DeleteBP
Com.virsa.cc.DeleteBUnit
Com.virsa.cc.DeleteCrActions
Com.virsa.cc.DeleteCrProfiles
Com.virsa.cc.DeleteCrRoles
Com.virsa.cc.DeleteFunction
Com.virsa.cc.DeleteMitCntl
Com.virsa.cc.DeleteMitHRsObject
Com.virsa.cc.DeleteMitProfile
Com.virsa.cc.DeleteMitRole
Com.virsa.cc.DeleteMitUser
Com.virsa.cc.DeleteOrgRules
Com.virsa.cc.DeleteRisks
Com.virsa.cc.DeleteRuleSet
Com.virsa.cc.DeleteSupplementRule
Com.virsa.cc.ExportRules
Com.virsa.cc.GenerateAlert
Com.virsa.cc.ImportRules
Com.virsa.cc.MassFuncMaint
Com.virsa.cc.RunAuditReports
Com.virsa.cc.RunRiskAnalysis
Com.virsa.cc.RunSecurityReports
Com.virsa.cc.ViewAlertMonitor
Com.virsa.cc.ViewBgJobLog
Com.virsa.cc.ViewConfiguration
Com.virsa.cc.ViewInformer
Com.virsa.cc.ViewMgmtReport
Com.virsa.cc.ViewRuleArchitect
Basically, this is the administrator role for the UME that we have in the development environment currently.
When we attempt to log on to the Compliance Calibrator, we get logged out immediately.
We do not even see the top bar of the compliance calibrator UI.
I have checked the SDN forums and according to the developers here, it is because there is no JAVA role assigned to the user but we have assigned all the actions to the user.
Do advise if there is a step that we have missed out during the user creation.

Hi Chee,
I'm installing Compliance Calibrator 5.1 on WAS7.0. now when i configure the administrator role for Portal user, I'm not able to see any of the com.virsa.cc actions in available actions list.
In the inst guide for CC 5.2 it suggests a alternate method to upload a role file UME Roles file, UMERoles_CC52.txt. Where can we find this file for CC5.1.
Help me on this issue. I'm really troubled due to this with no leads at all.
Please suggest me a way.
Thanks,
Vishal.

Compliance Calibrator Job Run

Hi;
I have submitted a job to run in Compliance Calibrator as job type = immidiate, but the job does not appear to start and sits in ready status in State column. Can anyone guess, what the problem can be?
Regards;
Sumanta

Hello,
This is known issue with GRC AC, please stop and start application "sap.com/grc~ccxsysbgear " from Visual Administrator - then you need to wait for some time and it should be started.
Visual Administrator --> Server -->Services --> Deploy --> Choose Application --> sap.com/grc~ccxsysbgear -
> Stop and then Start.
Hope this helps.
Thanks
Davinder

Is Compliance Calibrator the same as GRC Access Control?

I have been asked to look at Compliance Calibrator and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "SAP GRC Access Control" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called Access Enforcer but have no info on this... can anyone enlighten me?

SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.

Custom report on Compliance Calibrator Job scheduler

Currently in compliance calibrator it is not possible for a user to view the status, success or otherwise, of another users scheduled job or sync unless granting that user full administrator rights.
Please advise if it's possible to expose the underlying scheduled job table for a given system via a custom built static html web page. Can you advise of the table that results would need to be displayed from and whether there would be any drawbacks of this approach, or if others have somehow solved this problem with another solution, please share?!
What are SAP's timeframe's for finer grained security in CC?

below are the tables used for CC:
VIRSA_CC_ACTRULE               SAPSR3DB
VIRSA_CC_ACTRULHDR             SAPSR3DB
VIRSA_CC_ACTVL                 SAPSR3DB
VIRSA_CC_ADMIN                 SAPSR3DB
VIRSA_CC_ALLASTRUN             SAPSR3DB
VIRSA_CC_ALLISTDTL             SAPSR3DB
VIRSA_CC_ALLISTHDR             SAPSR3DB
VIRSA_CC_ALTCDLOG              SAPSR3DB
VIRSA_CC_AUTHHT                SAPSR3DB
VIRSA_CC_AUTHMAP               SAPSR3DB
VIRSA_CC_BKGINP                SAPSR3DB
VIRSA_CC_BUAPPVR               SAPSR3DB
VIRSA_CC_BUMONITOR             SAPSR3DB
VIRSA_CC_BUSPRC                SAPSR3DB
VIRSA_CC_BUSPRCT               SAPSR3DB
VIRSA_CC_BUSUNIT               SAPSR3DB
VIRSA_CC_BUSUNITT              SAPSR3DB
VIRSA_CC_CDHDR                 SAPSR3DB
VIRSA_CC_CDPOS                 SAPSR3DB
VIRSA_CC_CGROUP                SAPSR3DB
VIRSA_CC_CONFIG                SAPSR3DB
VIRSA_CC_CRACT                 SAPSR3DB
VIRSA_CC_CRACTT                SAPSR3DB
VIRSA_CC_CRACTVL               SAPSR3DB
VIRSA_CC_CRPRM                 SAPSR3DB
VIRSA_CC_CRPRMVL               SAPSR3DB
VIRSA_CC_CRPROF                SAPSR3DB
VIRSA_CC_CRPROFT               SAPSR3DB
VIRSA_CC_CRROLE                SAPSR3DB
VIRSA_CC_CRROLET               SAPSR3DB
VIRSA_CC_CRROLEVL              SAPSR3DB
VIRSA_CC_DATAEXD               SAPSR3DB
VIRSA_CC_DETDESC               SAPSR3DB
VIRSA_CC_FLDMAP                SAPSR3DB
VIRSA_CC_FUNC                  SAPSR3DB
VIRSA_CC_FUNCACT               SAPSR3DB
VIRSA_CC_FUNCBP                SAPSR3DB
VIRSA_CC_FUNCPRM               SAPSR3DB
VIRSA_CC_FUNCSYS               SAPSR3DB
VIRSA_CC_FUNCT                 SAPSR3DB
VIRSA_CC_GENACT                SAPSR3DB
VIRSA_CC_GENOBJ                SAPSR3DB
VIRSA_CC_GENOBJT               SAPSR3DB
VIRSA_CC_GENPRM                SAPSR3DB
VIRSA_CC_GENUSR                SAPSR3DB
VIRSA_CC_GPRMLIST              SAPSR3DB
VIRSA_CC_GSEQ                  SAPSR3DB
VIRSA_CC_JOBHST                SAPSR3DB
VIRSA_CC_LASTRUN               SAPSR3DB
VIRSA_CC_LOCKTABLE             SAPSR3DB
VIRSA_CC_LSYSGRP               SAPSR3DB
VIRSA_CC_MGALERTS              SAPSR3DB
VIRSA_CC_MGCRTR                SAPSR3DB
VIRSA_CC_MGMTBU                SAPSR3DB
VIRSA_CC_MGMTTOT               SAPSR3DB
VIRSA_CC_MGRISKD               SAPSR3DB
VIRSA_CC_MGRISKS               SAPSR3DB
VIRSA_CC_MICCTLDTL             SAPSR3DB
VIRSA_CC_MICCTLDTT             SAPSR3DB
VIRSA_CC_MICEXLOG              SAPSR3DB
VIRSA_CC_MICORGDTL             SAPSR3DB
VIRSA_CC_MICORGDTT             SAPSR3DB
VIRSA_CC_MICPRCDTL             SAPSR3DB
VIRSA_CC_MICPRCDTT             SAPSR3DB
VIRSA_CC_MICRMAP               SAPSR3DB
VIRSA_CC_MICUMAP               SAPSR3DB
VIRSA_CC_MITHROBJ              SAPSR3DB
VIRSA_CC_MITMON                SAPSR3DB
VIRSA_CC_MITPROF               SAPSR3DB
VIRSA_CC_MITREF                SAPSR3DB
VIRSA_CC_MITREFT               SAPSR3DB
VIRSA_CC_MITRISK               SAPSR3DB
VIRSA_CC_MITROLE               SAPSR3DB
VIRSA_CC_MITRPT                SAPSR3DB
VIRSA_CC_MITUSER               SAPSR3DB
VIRSA_CC_MITUSRORG             SAPSR3DB
VIRSA_CC_MONAPV                SAPSR3DB
VIRSA_CC_MSG                   SAPSR3DB
VIRSA_CC_MSGPRMS               SAPSR3DB
VIRSA_CC_MSGTYP                SAPSR3DB
VIRSA_CC_OBJTEXT               SAPSR3DB
VIRSA_CC_ORGRULE               SAPSR3DB
VIRSA_CC_ORGRULEM              SAPSR3DB
VIRSA_CC_ORGRULET              SAPSR3DB
VIRSA_CC_ORGUSERS              SAPSR3DB
VIRSA_CC_PRMRULE               SAPSR3DB
VIRSA_CC_PRMVL                 SAPSR3DB
VIRSA_CC_RISK                  SAPSR3DB
VIRSA_CC_RISKFUNC              SAPSR3DB
VIRSA_CC_RISKOWN               SAPSR3DB
VIRSA_CC_RISKRS                SAPSR3DB
VIRSA_CC_RISKT                 SAPSR3DB
VIRSA_CC_ROLEVL                SAPSR3DB
VIRSA_CC_RTMAP                 SAPSR3DB
VIRSA_CC_RULESET               SAPSR3DB
VIRSA_CC_RULESETT              SAPSR3DB
VIRSA_CC_SAPOBJ                SAPSR3DB
VIRSA_CC_SCHEDULER             SAPSR3DB
VIRSA_CC_SUPP_DET              SAPSR3DB
VIRSA_CC_SUPP_HDR              SAPSR3DB
VIRSA_CC_SUPP_TEXT             SAPSR3DB
VIRSA_CC_SYSCRACT              SAPSR3DB
VIRSA_CC_SYSHMAP               SAPSR3DB
VIRSA_CC_SYSRULE               SAPSR3DB
VIRSA_CC_SYSSAPOBJ             SAPSR3DB
VIRSA_CC_SYSTEM                SAPSR3DB
VIRSA_CC_SYSTEMC               SAPSR3DB
VIRSA_CC_SYSTEMT               SAPSR3DB
VIRSA_CC_SYSUSR                SAPSR3DB
VIRSA_CC_TEXTKEY               SAPSR3DB
VIRSA_CC_THREAD                SAPSR3DB
VIRSA_CC_USRMAP                SAPSR3DB
VIRSA_CC_VARIANT               SAPSR3DB
VIRSA_CC_VARVAL                SAPSR3DB
VIRSA_CC_WFOBJ                 SAPSR3DB
VIRSA_CC_XSRULEMAP             SAPSR3DB
VIRSA_CC_XSYSGRP               SAPSR3DB
You can go and check which one contains the scheduling info (VIRSA_CC_SCHEDULER ??)
Hope this helps

Compliance Calibrator: Background jobs didn't bring in the correct data.

Hi Gurus;
In Compliance Calibrator; background jobs were last run on 5/27/09 but the management report shows that the summary is as of 5/20/09. That should have been updated uptill 5/27/09 and the new number of conflicts should have come up, which it didn't. What can be the problem?
Thanking you;
Raja

Hi Harleen;
This job was actually set by the client. So when I went to check the parameters of the jobs, I found that the field MGR_ANALYSIS consists of Field value "N". Does this mean that the Management Analysis box was not ticked when this job was scheduled?
Regards;
Raja

Custom Risks in Compliance Calibrator?

Hello,
Can someone please verify this process for me?
My understanding is that once you create and configure a custom risk in Compliance Calibrator 5.2, you simply click generate and can then immediately run a risk analysis using the new custom risk.
Is there any kind of a background job required to synchronise the new custom rule prior to running a risks analysis or any steps that I'm missing?
Thanks your help is much appreciated,

Hi Adamo,
This is the exact process you need to follow. Once you create main risk and generate rules, you should be able to see the risk in CC. Have you enabled the particular risk? You can go to informer and try to run a simulation or ad-hoc analysis on that particular risk.
Regards,
Alpesh

How to add my own iview in Compliance Calibrator

Hi Experts,
can plaese tell me how to add my own iview in Compliance Calibrator 5.1.

Anubha,
If you are trying to add an iview or URL to Compliance Calibrator you have to login as an administrator go into the configuration tab, and go to Custom tabs toward the bottom of the left screen. Here you can add custom URL links that will appear as tabs in Compliance Calibrator.
Hope this helps
Gabe

Compliance Calibrator SOD Conflict (FI01 and FB05)

I was hoping that someone could provide some insight as to why the "FI01 - Create Bank" and "FI02 - Change Bank" transactions would create a risk (in Compliance Calibrator) when coupled in the same security role with the "FB05 - Post with Clearing" transaction. The risk description given by Compliance Calibrator is "Maintain bank account and post a payment from it".
The FI01 and FI02 t-codes appear to only create/change routing numbers or addresses for banks. There is no ability to create or change an actual bank account. This alone doesn't seem to create a conflict when coupled with a posting transaction. Is there possibly some functionality that I am missing?

Hi Joshua,
I strongly agree with you that there is no SOD conflict technically with FI01, FI02 with FB05 although the wording of the SOD conflict in a business sense meaning Maintain Bank Accounts vs Posting Payments sounds more like a Conflict.
I dont see by anyway how you can maintain actual bank account in either FI01, FI02.
FI01 and FI02 - Maintain Bank Info like Bank Address, Bank Key and soforth.
FB05 - Make Payments to various accounts.
Regards,
Kiran Kandepalli.

Compliance Calibrator v.4.0 Installation Guide?

Does anyone have a Compliance Calibrator v.4.0 Installation Guide? I cannot find one on SAP Service Marketplace.
I have found a Security Guide, User Guide Supplement, User Guide, but no installation guide.
Thank you!

Hi there,
I have the guide, and I can give it to you.
Reach out to me at [email protected] and I'll get it to you.
Thanks,
Santosh

SAP GRC 5.2 Compliance Calibrator rule sets for HR module

HI All,
The company i am working for has done installation of GRC 5.2. I would like to download the SAP out of box Compliance Calibrator rule sets for HR function module in a spreadsheet format.
I would like to download the rule set for risks at Function level, Tcode level and also at authorization object level in ABAP and Roles, actions and permissions in JAVA.
I will discuss with the BPAs, internal auditors and come up with a new rule set exclusively for my company needs with the help of the above spreadhseet.
Please tell me what steps i need to do to get this thing done.

Please go through the process but save these as txt files for UNIX. I am not sure about 5.2 but CC4 was not uploading rule files correctly if file was not saved for TXT for UNIX.
Regards,
Harry Sidhu

Compliance Calibrator issue

Similar Messages

Maybe you are looking for