CUP mitigation wokflow

Hi Everyone,
We have configured in RAR, the workflow to send request for approval of Mitigation Owner using CUP Workflow. For Mitigation Control Using RAR  work fine, but unfortunately when we mitigated the Risks through the CUP request,  the workflow of Mitigation Control was not started.
Workflow: USER > MANAGER > ROLE OWNER.
Workflow with risk: USER>MANAGER> MITIGATION OWNER> ROLE OWNER (We have problem to send the request for Mitigation Owner).
Let me know if you need any other information.
Best Regards,
Vitor Cozer

Hi Vitor,
I also faced the same issue and called SAP.They said GRC doesn't have option to trigger any additional workflow for mitigation from CUP (Request type /New change).
If you have sorted out this issue,can you please tell,  then what strategy are you following currently.
Thanks
Mukesh

Similar Messages

  • CUP - Mitigation Controls in a Detour Workflow

    Hello everybody,
    I have a problem with a detour workflow in CUP.
    I choose the detour condition: "SoD violation".
    So in theory, if there is no conflicts the workflow don't take the detour path.
    We supposed that the user request has an SoD conflict.
    In the stage(s) before the detour, if we assign a mitigation control that mitigate the risk, the detour is still taken.
    I think the workflow swich systematically to the detour if the request had a conflict, even if the risks were deleted by an Mitigation Controls assignment.
    Does anyone have a solution to avoid the detour path if we mitigate the risks?
    Thank you in advance!!

    Ben,
       This is how CUP works. There is no configuration which allows you to ignore SOD violaton even if there is mitigation. You will have to live with this for now.
    Regards,
    Alpesh

  • Missing workflow types in CUP

    Hi Experts,
    I am missing the workflow types. That is the workflow type CUP , mitigation control etc is not visible. Even the workflow type column is missing in request type. I have already imported the inital files
    AE_init_clean_and_insert_data.xml
    AE_init_append_data.xml
    and AE_init_append_data_CC.xml
    I guess it has something to do with one of these files not being uploaded correctly. how can I be sure?
    Thanks,
    Chinmaya
    Edited by: chinmaya prakash on Jun 11, 2010 12:31 AM

    Hi,
      Go to configuration -> miscellaneous and see if you can see all the workflow types. If you can not then upload the files again.
    If you do see the workflow types then activate them but clicking on the active checkbox in the right most column and save the settings.
    Regards,
    Alpesh

  • Mitigation Notification

    Dear colleagues!
    I have tried to find any information regarding my question... and have not found any solutions or discussions :\
    I have the following issue:
    Is it possible to notify Mitigation (or Risk) Owner about using his/her Mitigation?
    I.e. Approver1 in CUP mitigated risk with mitigation control id MI_HIGH. We need that Mitigation Owner gets notifaction "Mitigation control MI_HIGH has been used in request 999999 by Approver1", or another notification which will be understandable for Mit.Owners.
    Thank you for paid attention
    Regards,
    Artem Ivashkin

    Hi
    It is certainly possible to trigger a workflow when the mitigation control is altered or assigned.
    Check the RAR configuration node " workflow" and enable the appropriate parameter.
    You will then need to define the workflow in CUP in order to direct it to the appropriate person. You should be able to use the standard Approval Determinators to identify the correct "approver".
    This should fit what you ask for but if not, please let us know.
    Simon

  • Mitigation control errors out in CUP approval

    We are on GRC 5.3 SP8 and I am trying to create a mitigating control in RAR.  Once it goes for approval into CUP, it erroru2019s out when I try to approve it.  Here is the message:
    2010-05-25 10:57:43,367 [SAPEngine_Application_Thread[impl:3]_9] ERROR com.virsa.ae.commons.utils.StringEncrypter$EncryptionException: Invalid PKCS#5 padding length: 32
    com.virsa.ae.service.ServiceException: com.virsa.ae.commons.utils.StringEncrypter$EncryptionException: Invalid PKCS#5 padding length: 32
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.getCCDocument(RequestExitServiceHelper.java:315)
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.callCCExitService(RequestExitServiceHelper.java:263)
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.callExitServiceForApprovedRequest(RequestExitServiceHelper.java:51)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:5391)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5230)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5023)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:946)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.virsa.ae.commons.utils.StringEncrypter$EncryptionException: Invalid PKCS#5 padding length: 32
         at com.virsa.ae.commons.utils.StringEncrypter.decrypt(StringEncrypter.java:200)
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.getCCDocument(RequestExitServiceHelper.java:305)
         ... 32 more
    Thanks,
    Peggy

    Hello Peggy,
      Did you recently upgraded your NW Java Support package? If yes, then kindly check the SAP Note "1417651 - Unable to retrieve connector & application configuration"
    The problem is coming due to change in NW encryption algorithm and impacted GRC as well. This is fixed in SP10 of GRC.
    Regards, Varun

  • CUP-5.3-SP13-Mitigation Controls by rol/users

    Hi all!
    Since RAR consider mitigations contros both by rol and users, If I have the role ZROL1 mitigated for the ID risk P001* then, would be able CUP to consider this mitigation control even when CUP is managing users?
    I mean, if ZROL1 has a mitigation control, would appear at the request the ID risk whenever I add this role to a user?
    Many thanks in advance! any help would be welcomed.
    Margarita.

    Hi Margarita,
    If you want it will consider the role level mitigation controls. So in the request risk violation will not be shown.
    For this u need check the option, consider mitigation control in CUP. Configuration-> Risk anlsysis.
    Also in RAR following things needs to be done.
    RAR Configuration->Risk analysis-> Defaults values.
    Exclude mitigated Risk as yes.
    RAR Configuration-> Risk Analysis ->Additional options
    Include Role/Profile Mitigating Controls in User Analysis  as yes.
    If above values are defined as No. than Risk Voilation will be shown in the request.
    Kind Regards,
    Srinivasan

  • CUP 5.3: Mitigating from Request and approval of new created control

    Hi,
    I have activated in RAR that new created controls need to be approved and this works fine when creating the control in RAR.
    when creating the mitigating control from CUP within the request with the "Mitigate"-button the control is created directly in RAR without starting the approval workflow the new controls.
    Is this a bug or do I need to configured somewhere that the workflow should be also triggered when a control is created via CUP?
    Best regards
    Marco

    Hi Marco,
       I know this is an important functionality but it is not available in CUP as of now. Some of my customers are looking for this. You should open an enhancement request for this. I have also encouraged my clients to open an enhancement request for this. I am hoping SAP fixes this ASAP.
    Regards,
    Alpesh

  • Problem with workflow to control mitigating RAR to CUP

    We have configured in RAR, the workflow to send request for approval of Mitigation Owner using CUP Workflow. For Mitigation Control Using RAR  work fine, but unfortunately when we mitigated the Risks through the CUP request,  the workflow of Mitigation Control was not started.
    Workflow: USER > MANAGER > ROLE OWNER.
    Workflow with risk: USER>MANAGER> MITIGATION OWNER> ROLE OWNER (We have problem to send the request for Mitigation Owner).
    In the attached file has the details of this problem.
    Let me know if you need any other information.
    Best Regards,
    William Pantaleao

    Yes, it is configured correctly misc.
    Thanks
    William Pantaleã

  • Stage follow in CUP when risk are mitigated

    Hi,
    We haven't implemented Mitigation Controls yet but we have the following question:
    In case certain risks are mitigated within CUP by selecting Mitigation Controls, which condition is true afterwards?
    Option A) The request includes risks
    Option B) The request does not include risks (since they have been mitigated)
    The reason of this question is because right now we have define different routes based on the existence or not of risks and we would like to find out what will happened when mitigation controls will be in placed.
    Hope I have explained clearly.
    Thanks in advance. Kind regards,
      Imanol

    Hi Imanol,
      If you want to ignore risks which are already mitigated then you have to maintain settings in CUP and RAR both.
    Go to RAR configuration -> default values -> set 'Exclude Mitigated Risks' to 'Yes'
    Go to CUP configuration -> Risk Analysis -> check the box for 'Consider Mitigation Controls'
    Regards,
    Alpesh

  • Creating Mitigation Control from CUP

    Hi Guys,
    Is this feature implemented in Access Control???? Or Stills as enhancement

    Hi Alpesh
    In order to your answer... Can you help me to identify what I doing wrong when I want to approve a mitigate control in CUP.
    Path 1 : Approve request
    Stage 1: Request
    Stage 2: Security
    Stage 3: Role Owner
    Detour Path:
    Type: CUP
    Stage: Role Owner
    Condition: SoD Review
    Detour Path: Path 2
    Path 2:
    Stage 1: Approval -- > CAD : Mitigation Monitor
    The request is send to the Mitigation Monitor but when we try to approve request show the next error:
    2010-03-30 14:10:26,390 [SAPEngine_Application_Thread[impl:3]_25] ERROR  Mitigation control TEST_5.1 could not be saved for user PRUEBAGRC_6
    com.virsa.ae.core.BOException: Exception from the service : Mitigation record doesn't exist
         at com.virsa.ae.accessrequests.bo.MitigationControlBO.insertMitigationControl(MitigationControlBO.java:207)
         at com.virsa.ae.accessrequests.bo.MitigationControlBO.saveMitigationControls(MitigationControlBO.java:321)
         at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:6993)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:6748)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6600)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6393)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:949)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:104)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.virsa.ae.service.ServiceException: Exception from the service : Mitigation record doesn't exist
         at com.virsa.ae.service.sap.MitigationControlWS52DAO.checkForSuccess(MitigationControlWS52DAO.java:832)
         at com.virsa.ae.service.sap.MitigationControlWS52DAO.executeUpdateUserMitigation(MitigationControlWS52DAO.java:287)
         at com.virsa.ae.service.sap.MitigationControlWS52DAO.insertUserMitigation(MitigationControlWS52DAO.java:309)
         at com.virsa.ae.accessrequests.bo.MitigationControlBO.insertMitigationControl(MitigationControlBO.java:195)
    Can you help me please?? All URI are OK.
    Thanks !!!!
    Edited by: Karen_sans on Mar 31, 2010 7:45 PM

  • Error when trying to approve a mitigation control in CUP

    Hi,
    I have created a Mitigation Control in RAR and set-up the necessary workflow. The request ends up in CUP and the approver is able to see the request when he/she logs in, however the approver cannot approve or reject the request.
    The following error messages appear:
    - Approve: Error processing your request, Request no: 2 in stage : MITIGATION
    - Reject: Error rejecting request no: 2
    I have check the workflow many times now and I have also checked the mitigation URL's.
    Any idea what the problem can be?
    Thanks.

    Thank you for your response. No the approver is not part of the DL. I just added the approver to the workflow (CAD).
    Please find log details below:
    2010-03-18 16:09:32,729 [SAPEngine_Application_Thread[impl:3]_8] ERROR Service call exception; nested exception is:
         com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized. The requested URL was:"http://vgrdci.sap.client.co.za:51900/VirsaCCWFExitService5_2Service/Config1?style=document"
    java.rmi.RemoteException: Service call exception; nested exception is:
         com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized. The requested URL was:"http://vgrdci.sap.client.co.za:51900/VirsaCCWFExitService5_2Service/Config1?style=document"
         at com.virsa.ae.request.ws.cc.Config1BindingStub.execWFExitService(Config1BindingStub.java:87)
         at com.virsa.ae.request.ws.cc.Config1BindingStub.execWFExitService(Config1BindingStub.java:96)
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.callCCExitService(RequestExitServiceHelper.java:263)
         at com.virsa.ae.accessrequests.bo.RequestExitServiceHelper.callExitServiceForApprovedRequest(RequestExitServiceHelper.java:51)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:5335)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5174)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:4967)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:928)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:425)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:455)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:455)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized. The requested URL was:"http://vgrdci.sap.client.co.za:51900/VirsaCCWFExitService5_2Service/Config1?style=document"
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.handleResponseMessage(MimeHttpBinding.java:998)
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1449)
         at com.virsa.ae.request.ws.cc.Config1BindingStub.execWFExitService(Config1BindingStub.java:80)
         ... 33 more

  • HR Object Mitigation does not works in CUP

    Hello,
    We are on GRC 5.3 SP07 and have position based security. Our mitigation controls are also position based (meaning thereby that we implement mitigation control at the position level, and not to the user occupying the position).
    Our CUP is also based for indirect provisioning at the position level and it works fine. The only problem is when the request comes in via CUP for roles and the role has some risks (in itself or in combination with other roles already attached to the position), and then even if the position is mitigated for that risk, the risk analysis in CUP still shows that risk (ie the tool cannot detect the mitigation applied at the position level) and because of this the request gets routed to the detour path.(the detour path is based on condition u201Cif SOD found u201C).Ideally the request should detect the risk at the position level and should neglect the resulting risk as it is already mitigated. But this does not happens.
    My question is this possible at all with CUP 5.3 or am I missing some configuration.
    For you reference,
    At the configuration part in CUP, for risk analysis I have checked the box for u201Cconsider mitigation controlsu201D
    The validity of both the roles and mitigation controls all end with 12/31/9999.
    Regards,
    Matt

    Venky,
    If the risk is mitigated at user level , the request does NOT goes to detour path. If the risk is mitigated at role level again it does NOT goes to detour path. This is because the tool is smart enough to catch user and role level mitigation from RAR. However if the risk is mitigated at HR Object level it still goes to detour path. This is probably because the CUP cannot catch the mitigation done at HR Object level done at RAR. Although ideally it should catch the mitigation applied at the position.
    Regards,
    Matt

  • Error on page when selecting a Risk for Mitigation from CUP

    Hi,
    I am not getting the link to Mitigate the riks for the Roles requested from CUP. when I am trying to select the risk to mitigate after the Risk Analysis is done from RAR and the report is fetch to CUP no links are showing. It shows error on the screen "Correct the following errors: Select a risk."
    The message "Error on page" shows in the bottom left corner of the browser. I can not go any further to mitigate the risk.
    The soluition was put to import the AE_init_append_data.xml as instructed n the A 5.3 installation guide. This file contains lines for background color that ar enecessary for display of the Risk. each support package of 5.3 has this file and is delivered in the .SAR file, and this should always be updated if delivered.
    I have tried this and still falling to Mitigate the risk as the problem remains. May I know if you have some other solution or if you can provide me with the correct and update file for above request.
    Thanks,
    Abhimanyu

    Hi,
    Have you configured the mitigation controls?
    There are mitigation control Exit URIs in workflow configuration in CUP Configuration-Miscellanious setting?
    Put all these configuration in place if you dont have, and please check that active status is checked for all these.
    Regards,
    Sabita

  • CUP Request Audit Trail missing info about Mitigations & Risks

    Hi  All,
    We use  SAP GRC CUP 5.3 SP8 Patch 1.
    When provisioning an SAP account through the GRC solution, we notice that the Audit trail is missing any details about the risks &  mitigations that are applied to the request. Ideally we need to track the user who applied the mitigation and the time stamp for the action. We can see the Risks and the mitigations applied in separate sections in the request(but still missing the details i've mentioned above)
    We have configured the system so that the risks need to be mitigated before approving a request.
    Is there a way(some config) we can get this info too recorded in the Audit trail?
    Thanks,
    Anil
    Edited by: Anil Sebastian on Sep 20, 2009 10:50 PM

    I was getting an error in RAR that it couldn't send out the notification e-mail.  The Java Mail Client had not been configured.  Once I had done this, and restarted the server0, it worked.

  • Mitigation URI, Risk Search URI options missing in CUP 5.3 SP5

    Hi Guys
    In CUP 5.3 SP5 , on  configuration -> mitigation ,  fields  like
    Mitigation URI, Risk Search URI, Rule Search URI ,Function Search URI
    options are missing so we cannot enter their URIs. Please let me know if
    this is a bug with SP5 or all these URIs will be taken by default by GRC
    5.3 SP5 ? If so i didnt find a details in note 1168508. Also I have
    clicked the upgrade button as per 1286904. The above URI values are  to
    be enter as per GRC AC 5.3  config guide.
    Please help on this.

    Hi Jes,
    Go to CUP -> Configuration -> Risk Analysis
    Select Risk Analysis and Remediation Version 
    under that  select Version  5.3 Web Serice. give URI , username, password.
    then save . then go back you will be able to see.

Maybe you are looking for

  • Removing the header and footer in Pages

    I just began to use Pages after purchasing a new ibook. In AppleWorks, headers and footers were never inserted by default. In Pages, how can I remove the header and footer in Pages so I can have more space for the body section of the document?

  • How do I get my iPhone iMessages to sync with my macbook pro iMessages?

    I don't get imessages on my macbook pro unless I start the conversation first. How can I get my iMessages to sync together?

  • TDS Challan error - while creating payment document

    Hi, I was trying to create With holding tax Challan through J1INCHLN. Following error occurred after simulating payment document - "Withholding tax lines are being cleared along with other line items" Please help in above matter. Thanks Deepak

  • Retrieve the complete filename picked up by file adapter

    Hi all, I would like to retrieve the complete filename which is picked up by a sender file adapter. I need to know the exact filename during runtime in order to group some messages within an BPM process. No workaround (e.g. set up multiple file adapt

  • IPad and iCloud syncing

    I accidentally erased the notes on my iPad by turning iCloud off and on. How do I retrieve them?