Critical actions in SPM reports

Similar Messages

• Can CUP be configured to ignore Critical Action risks during SOD analysis?

  Hi All,
  We have configured our CUP workflow to take a detour path if SOD violations are found at a stage. RAR has Critical actions defined in the rule set. When  CUP performs the SOD analysis, is there any way we can skip critical action risks and consider only SOD risks?
  We are 5.3 SP 11.1

  Hi,
  If the critical action activated in the same rule set, than you have to define a mitigation control as well, because CUP is going to show these risk after a risk analysis and you have to mitigate that. There is no possiblity to skip that.
  Possible solutions:
  If you want these risks (critical actions) just for reporting aspects in RAR, than you should maybe create a new ruleset just only for these risks, and deactivate it, on the Global ruleset... I wouldn't recommend that, because, if you are going to define critical actions, you have to define mitigation control, from the security aspects as well.
  Cheers,
  Martin

• Critical Actions are not showed in Reports

  I'm having a problem in displaying user analysis report in management view.
  I have uploaded SAP default rulesets and it does contain some defined critical actions. I can also display critical actions by user in risk analysis reports.
  But the problem is in "User analysis Report", the number of critical action&role is always 0. 
  Does anybody know the reason?
  Is there anything that I'm missing?
  Thank you&Regards
  Stellare

  Hi,
  if you are using CC 5.2: have you checked the field Critical Action and role/profile analysis in Configuration->Background job->Schedule Analysis ?
  I suppose you are talking about that there is no critical violation in Informer.
  Hope this help you
  Emilio

• GRC 5.3 Risk Critical Action reports return "no matches or conflicts"

  When running GRC 5.3 Risk Analysis Critical Action reports on either the user level or role level getting the message no matches or conflicts.
  However, Permission level reports are successfully returning correct results on the user and role level.
  This is a new installation of GRC 5.3 with latest SP.  Is there any set up that has to be done to run critical action analysis reports in GRC 5.3?
  This is also using the SAP default Global ruleset with no customisation.
  I have used GRC 10 to run the critical action reports and these work with using the critical risks as defined in the ruleset.  Does GRC 5.3 work a different way?  Is there any additional set up that has to be performed?  I just want to see the risks on role level or user level that relate to just the critical access risks (just 1 function).
  Please advise.

  Hi Trinadh
  Thank you for the response.  I did not know that you had to define the critical actions in 5.3 as I don't think you have to do it 10 - it seems to work on what is defined in the ruleset.  Where do you define the critical actions or check if it has been defined?
  Thanks

• Role Analysis at Action Level - Summary Report - Question

  When running the Role Analysis Summary report at the Action Level, will the report show tcodes  that run in the background   from the tcodes specified in the role on the report?

  Hi Varun,
  Does this also apply on alert monitor report - say we have one tcode defined as critical action or is in one SOD risk, and the tcode is run indirectly, will it show in alert or not?
  Example, we have seen one tcode showing as executed, but the user authorization doesn't have the tcode access at all. So I was wondering how did it come in alert report.
  Regards,
  Sabita

• Critical Action and Role/Profile Analysis job in not running in GRC 5.3

  Hi Team,
  I  am working for a client where GRC 5.3 is installed( support pack 4 and patch 1).
  The installation is complete and also the post processing is done.
  We have scheduled a periodic ( weekly ) incremental background job for Critical Action and Role/Profile.
  Following are the parameter setting used:
  Task: Risk Analysis -Batch
  Batch Mode : Incremental
  First time it run successfully on 28th June'09 and it is completed with spool also. But next time it is supposed to run on 4th of July'09 . But it does not. And since then it is in same state.
  I am not able to find any reason that why it is behaving this way where other incremental jobs are running successfully.
  It will be helpfull if any one can guide me providing the solution.
  Regards,
  Kakali

  Hi Varun,
  I go to the Job History Button. It shows the following data only :
  2009-06-28 00:00:59 Done Job Completed successfully
  2009-06-27 23:45:00 Started RAR_PE1CLNT100_Critical Action and Role/Profile Analysis started :threadid: 0
  Under the Last Run Colomn it shows 28th June ( Status -completed)
  Under Next Run Date it is showing 4th July
  Follwoing are the list of Updates available From SP05
  When executing the critical roles/profile jobs in background, a message
  "error while executing the Job: null" comes up. ---( this one is for which come under Informer Tab)
  Background job spools are not available after upgrade from 5.2 to 5.3.
  Critical action and critical role/profile analysis cannot be run in
  background by system. --- ( But in my case It ran for once )
  Selection parameters (System, User and User Group) have been provided for
  "Critical Action and Role/Profile Analysis" in Configuration->Background
  Job->Schedule Job. --- ( it means it run usually)
  Critical Actions report in detail view shows no results after executing the
  Risk Analysis Job in the background. The same report shows data when
  executed in the foreground. ( this one is for which come under Informer Tab )
  When there is only one periodic job configured in RAR, this job fails to
  start after the first time in the specified time. ( this is not true, becoz there other periodic jobs running successfuly)
  Unable to run Informer - audit reports - critical role and profiles with
  logical systems. ( this is again under Informer Tab )
  I had gone through this  earlier also, but not able to match any update with my problem. If if have any other suggestion you can provide me the same.
  Is there any way to check for job log so that I can check what is the problem. View Log option is also greyed out as we have sap logger set up as a default logger Parameter. I have made it enable just to check but there is nothing.
  Please Guide.
  Regards,
  Kakali

• FF Id Owner Name appears different in SPM report campared to Backend

  Hi Team,
  We have SPM 5.3 installed and we are using user based Firefighter concept.
  I have run the SPM report ( log summery report , transaction usage report and detail log report ) today. There the FF id Owner name appearing is different with respect to what we maintained in ' Owners' tab in backend firefighter Dash board. Even in the Backend log report  it is appearing different . Means at Backend and SPM ( GRC front end) both the  places FF id owner is appearing different w.r.t what we maintained in Owner tab of Backend system.
  Please suggest what can be the issue . And where I need to change the confirguration to make the report consistant with what we maintained in Owner tab of Backend system.
  Looking for your earliest response.
  Regards,
  Kakali

  Kakali,
  Have you got multiple owners defined in the backend system? Sometimes that causes inconsistencies.
  I have noticed that there is a Bug in SAP Note 1168121 which means that the owner is missed off the email log reports in SPM up to SP08 and that might also be the issue.
  Simon

• SPM Reporting - Log reports display on front end

  Hi,
  We have implemented GRC 5.3 and have an issue on the SPM reporting through the front end.
  We have done config in dev and have the following jobs running in the background every 1 hour:
  1. /VIRSA/ZVFATBAK
  2. /VIRSA/ZVFAT_LOG_REPORT
  3. /VIRSA/ZVFAT_V01
  4. /VIRSA/ZVFAT_V03
  The log on the back-end displays all activity of FF user, but when going to the front end I seem not to get any reports to display.
  We have created the connectors via the config page, but when trying to drill through the selection criteria we found that the FF user does not come up as a selection variable. We see the system defined though.
  Any suggestions how to get the reporting to display on the front-end?
  Kind Regards, Melvin

  Santosh,
  You should only need the /virsa/zvfatbak job running in the background. However, if the emails are not triggered for the log reports, you may wish to schedule the /virsa/zvfat_log_report program to run after completion of /virsa/zvfatbak as that is the program which actually sends the notifications.
  Regarding the RFC user, check the authorisations held in the Firefighter Administrator role as those will not be too far away!
  Simon

• AC 5.3  Critical Action Alert Emails not being sent

  HI:
  We have set up Critical Action alerts for a couple of transactions and while the on-line alert logs are being generated correctly, the alert email is not being sent to the Risk Owner.
  Does anyone know where I can trouble shoot this issue?
  Thanks,
  Margaret

  >
  Alpesh Parmar wrote:
  > Margaret,
  >
  >     Have you set up the SMTP server in visual admin? RAR needs to use this server details to send out an email.
  >
  > Alpesh
  Hi AlpeshMargaret,
  Where are the instructions for setting up the SMTP server in visual admin for the purpose of Alert Generation? I am not seeing this in the Configuration Guide. Could you point me to the correct documentation?
  Thanks!
  Jes

• RAR 5.3: Uploading Critical Actions

  Hi,
  We have already a system with SoD Matrix already loaded and rules generated.
  Our question: Is it possible to upload critical actions (include in functions and these into risks) using "Rule upload" functionality or once the SoD Matriz is loaded not more risks can be uploaded using such functionality and must be entered manually?
  I remember there was a note related with the way rule upload works and the append / insert happening but I can not find it now.
  Any help on this?
  Many thanks in advance. Best regards,
     Imanol

  Hi Imanol,
  You can create txt files for new risks upload and do it. It will append the existing data. Just make sure that tcodes, objects and other required values are in place. Also, if a function / risk is existing, then modified data will not be applicable but it will throw error. But if your txt files are having all new data, then it will be uploaded successfully. We have done it, as our rulebook was prepared in installment and we uploaded SOD first and gave the risk alanysis to business before SAT risks were prepared and uploaded.
  Regards,
  Sabita

• RAR: SoD Riskk and Critical Actions risks

  Hi all,
  I would like to get your input regarding different approaches followed in order to load in RAR SoD risk and critical actions risks.
  1) Do you load all of them under the same rule set?
  2) Do you think is convenient to load them under two different rule sets? One for SoD and the other for critical action?
  My decision here since AC modules when calling to RAR are using the default SoD, would be to define everything under the same unique rule set. Agree on that?
  Keep in mind the four GRC AC modules are implemented.
  Thanks for all. Kind regards,
    Imanol

  Hi Imanol,
    It depends on the client requirements. If client wants to see critical risks as well as SoD risks in CUP then same ruleset is the way to go. If client doesn't want to confuse approvers by showing critical risks then separate ruleset is the right way. At my current client, we have separate rulesets for SoD and Critical actions. We ask role owners to reaffirm all the role assignment which contains critical actions quarterly so we are covered from that angle.
  Regards,
  Alpesh

• Critical Action and Role/Profile Analysis

  Hi,
  I want to know the purpose of the Batch Risk Analysis back ground job "Critical Action and Role/Profile Analysis" in RAR 5.3.
  I'm assuming that I need not run this job if I do not want the critical roles/profiles like SAP_ALL to be analysed which were defined to be critical in rule architect.
  Please let me know if there is any other purpose to run the BG job "Critical Action and Role/Profile Analysis".
  Thank you,
  Partha

  Hello Partha,
    You got this right. It will analyze the defined critical actions/roles/profiles.
  Regards, Varun

• Monitoring critical transaction in SL report

  Hi,
  I am not able to  add business critical transaction in SL report configuration. It shows TOP LOADED transaction which is not requirement. I like to add new transaction as per customer requirement,
  We have recently upgraded solution manger to SAP EHP 1 for SAP Solution Manager 7.0 and after that earlier SLR configuration disappeared and also old settings. we have configured new one but we are not able to set up Critical transaction. I tried to set using Business process monitoring in Solution directory but it did not reflect in report.
  Also earlier we used to get all report/graph in html format but now it is only available in word format. Is it normal or we need to activate any setting.
  Can you please suggest on above two problem ?
  Thanks in advance.
  regards,

  Hi,
  Service Level Reporting is based on your EWA. For your requirement, you need to setup up BPM for monitoring your required transaction.
  Once you are done with your BPM, go to Service Level Reporting Setup under Operations Setup in DSWP. When you click on setup Service Level Reporting you will have Active Variants available. If you selec the variant you will have a tab Business Processes. There you can select your business process which is monitoring your Tcode. After have setup this your SL Report will show the Business Process that you have selected.
  Hope this solves your problem.
  Feel free to revert back.
  -=-Ragu

• SSRS Drill through report - Text Box Properties, Action - Go to Report

  Apologies for the potentially very basic nature of my question, I am fairly new to using SSRS (using SQL Express 2014) and struggling with creating a drill through report using other reports.  Where the problem is, is when I go to the Text Box
  Properties - Action - Go To Report.  Where it says to specify a report, I click on Browse and it only allows me to look in 'Recent Sites and Servers' - I therefore cannot navigate to where my other report that I wish to link is stored.  What am I
  missing? Any suggestions appreciated. Thank you

  If you dont have the report to which you need to navigate within the same project, you should be using jump to URL option and specify full report server url of the second report with only parameter part replaced by the actual field from which you need to
  pass the value
  Another way is to create a linked report for the report to which you need to navigate within the same project  as your first report and then use jump to report option to include the linked report along with its parameters and corresponding values.
  http://www.mssqltips.com/sqlservertip/2308/sql-server-reporting-services-linked-reports-example/
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

• Critical actions showing "No match or conflict found"

  Hello
  I've set up an Active Critical Action rule, pulling in one Function and when I execute it against users that I know have access in the function, it's coming up with "No match or conflict found".
  It asked when I created it if I wanted to generate the rules and I said yes.
  Is there another step I need to complete before getting valid results?
  Thanks
  JD Schmidt

  Jon,
  Check this thread: "No match nor conflict found"
  If you are performing an Online Analysis it should work.
  Cheers,
  Diego.