GRC AC 10 - risk analysis : No rules were selected

Similar Messages

• GRC AC 10.1 - Risk Analysis: No rules were selected

  Hi All,
  I'm currently configuring the ARA module in GRC AC 10.1, and an facing this issue. When I run my User Analysis, its throwing an error message "No rules were selected'.
  As per your suggestions from discussions, i double checked all the below activities
  Activate the BC sets
  Run Sync Jobs
  Run Batch Risk Analysis
  After all this I found that the functions are not mapped to the logical groups(Back-end Systems) I have defined. Can you please let me know how to make sure you have correct back end system(logical Group) updated for the functions in the setup? Doesn't the configurations Connector/Connector Groups etc already mapped the functions to the back-end system? It would be a hell of work to do all the system mapping on function level manually.

  Hi Narsimha
  You need to map your connectors to the logical systems that are used in the function definitions
  Look at your integration framework Setup in the IMG.
  Governance, Risk and Compliance > Common Component Settings > Integration Framework > Maintain Connectors and Connection Types
  Also, for 10.1 there was an issue with logical systems. It may be that your configuration is correct: Re: GRC 10.0 SP14 - Poblems when generating rules for logical systems
  Regards
  Colleen

• SAP GRC 10.0 - Risk Analysis - Define global variant

  Hi Experts,
  We are implementing SAP GRC 10.0 and we have a question about variant management in Access Risk Analysis.
  When we saved a variant, it seems that this variant is user specific.
  Is it to possible to define this variant as default for all users?
  Thanks.
  Best regards,
  Nicolas RICHARD

  Hi,
  I think this is still user-specific, as it was in 5.X. I have checked the new GRC authorisation object parameters delivered within the roles and also tried to see if a Admin user was able to see all the variants created by the different users, but so far I have not found a solution.
  It may be worthwhile to raise this in "IdeaPlace", hoping it gets enough votes and SAP's attention for implementing in a future Support Pack delivery.

• AC10.0 RAR risk analysis

  GRC Gurus,
  I have configured GRC10.0 for AC and trying to run the risk analysis for role/user level but no data is showing up. I could select the connector and roles, but after running the risk analysis no results are coming up.
  Any help is appreciated.
  Thanks.

  Hello Bhanu,
  Will you please let me know the solution ??
  Even we are facing the same problem.
  We can see the system , also see the roles , the users and also ran the background job to execute the risk analysis to perform user, role ,profile analysis from SPRO.
  Also note that we have already uploaded txt files for SOD rules.
  When we run the report for any user or any role the result is nill .
  Please suggest how did you resolve the issue ??
  Can you also tell me how can you generate "rule Id" manually for uploaded risk id ?? from NWBC or SPRO
  We tried via  SPRO>GRC>AC-->Access Risk Analysis >Sod Rules>Generate SOD Rules
  It ran successfully but the rpeort does not give any output !!
  Thanks in advance.
  Regards,
  Victor

• GRC 5.3: CUP asks to perform risk analysis even when there are no risks in request

  Hi All,
  We recently upgraded from GRC 5.3 SP13 to SP22.
  The one issue which we are facing after upgrade is that now CUP is forcing approvers to do Risk Analysis, even when there are no risks in the CUP Request, that is Risk Tab is Green.
  Previously approvers were able to approve requests without doing risk analysis, if there were no risks in the request.
  CUP used to force them to do risk analysis only when there were risks associated with requests.
  But now, it is forcing approvers to perform risk analysis, even if there are no risks, i.e. approvers are not able to approve requests without any risks without doing risk analysis.
  Please advise.
  Thanks
  Aditi

  Hi,
  Can you check if any change is made in Configuration -> Workflow -> Stage -> Approvers
  Regards,
  Claudio

• Different Risk Analysis Results with 10.0 and 10.1

  Hello,
  I do not understand why I get different results with 10.0 and 10.1. Exactly the same ruleset is applied!
  Definition in 10.0 and 10.1:
  Analyzed Role (which definitely contains the SOD):
  Version GRC 10.0 finds the SOD S_FI14 and displays it. In 10.1 nothing is displayed...Any ideas what's the problem?
  Regards
  Peter

  We had similar issues with 10 and 10.1.
  We applied an SAP Note about logical groups and the ruleset, it did not work.
  What did work:
  When performing Risk Analysis, remove the Ruleset selection criteria (use the minus button).

• Running Risk Analysis

  Hi Folks,
     I have installed CC 5.2 and ruleset to ECC are uploaded. Now, when i want to run risk analysis for User/Role from Informer. I dont see any user id from Backend system in User/Role option. I have checked everything,
  SLD is working ine
  JCo connectors are fine.
  RFC destination defined.
  Can someone help me in identifying problem?
  Thanks in acticipation.
  Regards,
  Priyank.

  Hi Priyanka,
  If you have successfully installed Virsa CC5.2 and uploaded Objects ans Rules, the plz follow the following procedure:
  1) Go to Configuration Tab->Background Job
  2)Click on "Schedule Analysis"
  3) In first Pane i.e. Sync Mode select Full Sync
  4)Select *User/Role/Profile Synchronization
  5)Select the system for put ***
  6)Dont select any other thing.
  7)click on Schedule
  8)Give a Valid name to this report.
  9)Click on Immediate
  Please check whether this report is successfully completed under Configuration Tab->Background Job->Search
  click on search
  If completed successfully, then  go to step 1 as above.
  This time select  All Check Boxes  under Batch Risk Analysis Pane and then select  Management Report check box in the last pane.
  Then schedule the job. After that only you'll be able to see the results in Informer Tab
  Reward  Points if it is useful
  Regards,
  Faisal

• GRC 5.3 Risk Critical Action reports return "no matches or conflicts"

  When running GRC 5.3 Risk Analysis Critical Action reports on either the user level or role level getting the message no matches or conflicts.
  However, Permission level reports are successfully returning correct results on the user and role level.
  This is a new installation of GRC 5.3 with latest SP.  Is there any set up that has to be done to run critical action analysis reports in GRC 5.3?
  This is also using the SAP default Global ruleset with no customisation.
  I have used GRC 10 to run the critical action reports and these work with using the critical risks as defined in the ruleset.  Does GRC 5.3 work a different way?  Is there any additional set up that has to be performed?  I just want to see the risks on role level or user level that relate to just the critical access risks (just 1 function).
  Please advise.

  Hi Trinadh
  Thank you for the response.  I did not know that you had to define the critical actions in 5.3 as I don't think you have to do it 10 - it seems to work on what is defined in the ruleset.  Where do you define the critical actions or check if it has been defined?
  Thanks

• GRC Risk analysis reports are not checking all possible risk conflicts set up in the rule set that lead to risks.

  Dear All,
  After running the risk analysis it shows only the first conflict for a risk in the rule set (Rule ID 0001). We have already Generated SOD ruleset. Also during migration from 5.3 to AC10.1 all the rulesets were imported properly.
  What could be reason??
  Thanks for your help.
  Regards,
  Abhisshek

  Abhisshek,
  there is already a thread with the same question:  Dear all I only get result for one rule id and not with others what should be an issue?
  Regards,
  Alessandro

• SAP GRC AC: Organizational rules at Batch risks analysis and Dashboards

  Dear All.
  I would like to know GRC AC is able to consider the organizational rules defined (for example: risk only affected to Company, BUKRS 0001) at the Batch risks analysis and at the Dashboard. I already know that for the ad-hoc reporting you can filter by the Org.rules created but i would like to know if this filter is also able for the Batch risks analysis.
  Thanks and regards.

  Dear all.
  As per my knowledge this parameter only sets the flag of Consider Org.Rules at the filters. This is what the guide indicates:
  "Setting the value to YES automatically selects the Consider Org Rule checkbox on the Risk Violations tab of the Access Request and
  Role Maintenance screens."
  So how are you so sure about that indicating this flag to YES will take into consideration the org rules at the Dashboards?
  Regards

• GRC AC 10:How to generate Access Rule? No output from User or Risk Analysis

  Hello Gurus,
  We have done configuration of GRC AC 10, and uploaded files via
  SoD rules -->Upload Rules
  After that we generated SoD rules for Risk Id : B001 and B002
  Now when we go to NWBC --> Reports & Analytics >Access Dashboards>Access Rule Library
  The report shows (for Group Rule level : Action)
  Number of Active rules : 0
  Number of Disabled Rules : 0
  Number of Functions :  151
  Where as for Group Rule level : Action Risk
  The report shows
  Number of Active Risk : 42
  Disabled risk : 161
  Nmr. of functions : 151 .
  When we perform Risk Analysis at User Level or Role Level, the output is empty !!!
  Note: All the background jobs have run successfully.
  Also the SoD files also have been uploaded successfully.
  Will you please guide how can i activate the "rules" for the uploaded risk ??
  regards,
  Victor

  Hello Victor/ Inder,
  For Risk ID B001functions are BS02 and BS11 if you open any one of them you can see system maintained as SAP BASIS which is SAP_BAS_LG (logical connector group).
  Post installation you can check in SPRO>Governance, Risk and Compliance-> common Component---> integration framework-> maintain connector and connector types->select SAP and click Define connector Group.
  BUSINESS     Business Roles     SAP
  SAP_BAS_LG     SAP Basis     SAP
  SAP_CRM_LG     SAP CRM     SAP
  SAP_ECC_LG     SAP ECCS     SAP
  SAP_HR_LG     SAP HR     SAP
  SAP_NHR_LG     SAP R3 - NON HR Basis Logical Group     SAP
  SAP_R3_LG     SAP R3     SAP
  SAP_SRM_LG     SAP SRM     SAP
  (If not present then manually you can create the same)
  Select SAP_BAS_LG and put connector type as SAP,  select SAP_BAS_LG and click Assign Connector group to group types as AM & LG, then click on Assign Connector to connector group and maintain you connector.
  Post this activity re generate SOD for B001 and then check for user level and role level analysis.
  Hope it will resolve your issue.
  Regards,
  Sudesh

• Risk analysis in GRC 10 error "Subnode COMPONENTCONTROLLER.1.SEARCH.RESULT"

  HI
  We have configured Risk analysis application within GRC 10. Also have executed the sync jobs. Now when i try to do SOD analysis i am getting an error "FPM application started without configuration" . this comes even before opening the link to SOD analysis is even open and this error comes for all type of SOD analysis like for user and role and HR object.
  I check the logs file and in logs system is complaing that "Subnode COMPONENTCONTROLLER.1.SEARCH.RESULT_TABLE" does not exist.
  Any idea why we getting this error message?
  Parven

  HI
  Connector is working fine as sync jobs are running perfectly.
  we have done the mimimum configuration setting as suggested by SAP guide ie Parameter 1023, 1024,1025 and 1026
  For activating BC sets i think we need to do that only when you using out of box SOD rules. In our case we are using customised SOD rules. So i think we dont need to activate the BC set.
  any other suggestion
  Parveen

• Risk Analysis at user level shows nothing in all 3 views though at role level shows risks of global rule set

  I am configuring ARA 10.1 for a ECC 6.0 plug in development system and facing this issue. Risk Analysis at user level shows no data  in all 3 views though at role level shows risks of global rule set. I am using Global rule set. I generated all risks/functions & using connector group as SAP_ECCS_LG not SAP_R3_LG.I activated common, R/3 & ECCS BC sets. Added integration scenario for AUTH. Run all 4 sync jobs multiple times successfully. My system already has decentralised EAM 10.1 implemented & even used in production as BAU. I have checked at both chrome & IE. The misleading thing is that RFC is also working fine & I can see risks in Risk Analysis at role level & risky roles are even assigned to valid users.GRC is at SP4 & accordingly is the ECC 6.0 plug in. Thanks in Advance. Please  consider it urgent.

  Hi,
  Assign ECC connector to SAP_ECCS_LG group.
  Run the programs GRAC_PFCG_AUTHORIZATION_SYNCand GRAC_REPOSITORY_OBJECT_SYNC) in full synch mode(this might take time so better do this in background). Better do it sequentially.Check the logs of the jobs in SLG1 just to ensure everythings fine.
  Run ARA for a specific user and mention the connector for faster output. Ensure this user has the role with risks.Also as explained earlier check the GUID against user id in table GRACUSERROLE and using GRACROLE you can find out the technical name of the role updated in the table. This should be same as the backend role.
  Then run ARA and while doing so please ensure the selection screen doesnt have any unwanted default inputs. If followed correctly , this should be of help.  I am assuming the role analysis yielded correct risks as configured since this would mean that connector have correct actions and basic config is in place.
  Regards,
  Vivek

• Risk Analysis in GRC 10.0

  Dear Experts,
  I have configured RAR in GRC 10.0. Sync jobs are successful. Batch risk analysis is sucessful.
  But when I tried to run a User/Role risk analysis I am not getting any result. I am not sure whether system has run risk analysis or not but I get the confirmation screen with blank result table. Please advise how to fix this issue.
  I appreciate your help.
  Thanks,
  Raj

  Hello Raj,
  Check the below points related to risk analysis
  1.check once the parameter id in configuration settings
  2.BC set activation
  3.while running risk analysis check backend system name and connector which is configured.

• Risk analysis Report Error in GRC AC 10.0

  Dear GRC,
  I had problem with Risk analysis Report in GRC Access Request form
  When i run the Risk analysis report on Action Level , Permission Level , Critical Action Level and Critical Permission Level then report showing as "No Violations" but if i run the Risk analysis report only on Critical Action Level and Critical Permission Level then report showing too many Violations.
  I maintained Action Level , Permission Level , Critical Action Level and Critical Permission Level as default risk analysis type in SPRO Configuration Parameters settings.
  i am not understanding why system behaves like this. Could you please help me on this.
  System Details : GRC AC 10.0 , SP-12
  Thanks a lot for swift response.
  Best Regards,
  RK

  Hi GRC Team,
  Please help me on this. I am waiting for your replay.
  Regards,
  KR