GRC CUP risk analysis

Hi,
Risk analysis give risk status result in balls like red in critical, light red in high,orange in medium.we want,it should say critical,high,medium and low intead of balls and simulate also give same result as risk analysis.we also don't want if critical conflict then it should not allow that role/roles/request to be approved by approver.In stages it already set as "no" for approve roles despite any conflict and also in mitigation too in configuration.
Thanks
Mushu.

Hi Mushu,
  None of these is possible in 5.x. You can not customize any of the screens or the process. Go for GRC 10.0 which will be going on ramp-up by end of december as that would allow you to customize most of the screens.
Alpesh

Similar Messages

  • CUP Risk Analysis results are not shown, continues processing request

    We have several users that complain the risk analysis in CUP never finishes. Requests do not contain risks or huge amount of risks which could explain a long runtime.
    With one user we checked, the user is never getting the risk analysis result on his screen. Sitting together with the user shows that the progress bar at bottom of IE is completing analysis, however the screen is not updated to show the risk analysis result and continues to show the processing circle.
    On other pc's CUP risk analysis result is shown as expected, so it must be some issue in local PC Internet Explorer settings.
    Environment used is Windows XP with IE 8. GRC version is 5.3.
    Have any of you experienced the same? And is there a solution available that will resolve this issue, by e.g. correcting settings in IE 8?

    Hello!
    If you want to successfully use GRC 5.3 with IE8, you have two options:
    1) Change a parameter in the server
    2) use the compatibility mode.
    3) Update NW
    refer to [Note 1347768 - Web Dynpro and Microsoft Internet Explorer Version 8.0|https://service.sap.com/sap/support/notes/1347768]
    I dismiss option 2, because it requires to change in every end user computer, so I've been working with option 1 without problems. Bear in mind that NW 7.01 is supported:  [Note 1433940 - Access Control compatibility on Netweaver Java server 7.01|https://service.sap.com/sap/support/notes/1433940]
    Cheers!
    Diego.

  • CUP Risk Analysis Error

    Hi Experts,
    OUR GRC AC system configuration is: GRC AC 5.3 CUP Patch 7.0. One of our enduser has requested for a new role through CUP. While the manager performs the risk analysis, it is showing the following error: "Risk Analysis failed: Exception in getting the result from the webservice: service call exception, nested exception is: java.net.socket Timeout Exception: Read timout".
    Below is the system log of CUP for futher reference:
    2009-12-02 11:08:41,428 [SAPEngine_Application_Thread[impl:3]_12] ERROR com.virsa.ae.core.BOException: Exception in getting the results from the web service : Service call exception; nested exception is:
                    java.net.SocketTimeoutException: Read timed out
    com.virsa.ae.core.BOException: Exception in getting the results from the web service : Service call exception; nested exception is:
                    java.net.SocketTimeoutException: Read timed out
                    at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
                    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1073)
                    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:300)
                    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:109)
                    at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
                    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
                    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
                    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
                    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
                    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
                    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
                    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
                    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
                    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
                    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
                    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
                    at java.security.AccessController.doPrivileged(AccessController.java:219)
                    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
                    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by:
    com.virsa.ae.service.ServiceException: Exception in getting the results from the web service : Service call exception; nested exception is:
                    java.net.SocketTimeoutException: Read timed out
                    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:343)
                    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:451)
                    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:569)
                    at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
                    at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
                    ... 24 more
    Caused by:
    java.rmi.RemoteException: Service call exception; nested exception is:
                    java.net.SocketTimeoutException: Read timed out
                    at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:90)
                    at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:99)
                    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:311)
                    ... 28 more
    Caused by:
    java.net.SocketTimeoutException: Read timed out
                    at java.net.SocketInputStream.socketRead0(Native Method)
                    at java.net.SocketInputStream.read(SocketInputStream.java:153)
                    at java.io.BufferedInputStream.fill(BufferedInputStream.java:200)
                    at java.io.BufferedInputStream.read(BufferedInputStream.java:218)
                    at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.readLine(HTTPSocket.java:806)
                    at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getInputStream(HTTPSocket.java:341)
                    at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getResponseCode(HTTPSocket.java:250)
                    at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.getResponseCode(HTTPTransport.java:362)
                    at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.outputMessage(MimeHttpBinding.java:553)
                    at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1432)
                    at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:83)
                    ... 30 more
    Could anyone please analyze, where it went wrong.
    Thanks a lot in advance.
    Regards,
    Gurugobinda

    We are facing this issue as well. This is seen in requests where there are a lot of conflicting roles requested, or if the user on the backend already has many SoD conflicts.
    How many risk violations did show up in the RAR simulation? Seems that above 1000 you will get performance issues in CUP risk analysis.
    We are also on SP7 and we did receive a reply from SAP that the risk violation threshold can be changed in RAR as of SP9:
    =======================================================
    From CUP 5.3 SP9 onwards, we have one parameter in RAR in
    'Configuration>Risk Analysis>Performance Tuning' which will
    enable you to set threshold violation limit for the Risk Analysis web
    service. The name of the attribute is 'Threshold Violation Limit for webservice' and default value of this attribute is 1000.
    When you perform risk analysis from CUP and the violation data count
    exceeds this limit then error message will appear.
    Setting this attribute will help tuning your performance.
    ==========================================================
    Regards,
    Stefan.

  • Did CUP risk analysis change with SP7?

    Dear GRC experts,
    I am pretty sure when we tested CUP 5.3 SP4 when doing risk analysis it would only show new risks caused by new roles selected in request (like Risks from Simulation Only YES in RAR). Exisitng risks for that user would not be shown.
    Now with CUP 5.3 SP7 fix1 we get the existing risks shown as well not in any way related to the role(s) selected, which will be confusing to the role approvers. E.g. role request is display role, approver needs to run risk analysis and gets existing risks shown. He/she can not deselect roles to remove risks as only display role is in request. There might be no mitigating controls for those risks (creation of new mitigating controls is blocked). This would end up in requests with risks even though the requested role is not risk relevant, or even request gets stuck because no mitigatign control exists and config is set to do not allow approval of requests with risks.
    Please confirm if indeed only new risks where shown in CUP risk analysis in previous support pack levels or rel. 5.2, or that I am mistaken and all risks where always shown at risk analysis in CUP.
    Principally I think existing risks should be focus of GET CLEAN effort. Risk analysis in CUP should focus on preventing new risks at part of STAY CLEAN phase.

    Hi,
    When we run Risk Analysis for the user, it will show the existing violations as well as the violation which are there with new roles also.
    When we click on Risk Analysis under Simulation tab we can find Risk Violation details.
    Here I have a doubt, how to deselect violation role while approving request. I m unable to find that option. Please advice.
    Thanks & regards,
    KKRao.
    Edited by: KKRao_2020 on Oct 9, 2009 9:22 AM
    Edited by: KKRao_2020 on Oct 9, 2009 9:27 AM

  • GRC 5.3: CUP risk analysis VS. RAR risk analysis

    I've installed and configured RAR and CUP.  When I do a risk analysis simulation in RAR on a user for adding a role, it comes back with no conflicts.  When I go into CUP and make a new request for adding the same role to the same user, it comes back with risk violations, but it looks like they are critical actions that are being flagged.  Why is there a discrepancy, and how do I go about getting the same risks in CUP as I do in RAR?

    >
    Frank Koehntopp wrote:
    > I guess the behaviour is on purpose.
    >
    > In RAR, you can do a selective analysis on only one kind of risk. You usually only need to do that in the remediation process, where this kind of selection is helpful to track down the root cause (although I'd like to have an ALL option in RAR as well...)
    >
    > In CUP, you do want to see any kind of risk that might arise from a role assignement to a user.
    >
    > I have to say, I can not really understand why you'd want to switch off critical action or permission risks here. The user analysis in RAR and CUP serve two different purposes, hence I cannot see a bug here. If you have defined critical risks, why would you not want to see them???
    Hi Frank,
    I understand your point, but we are in the same situation as the others. We do not want to see Critical Action Risks in CUP because this is a separate process (for us) than Permission Level Risks Analysis piece. With our current structure, our Security Admins use RAR to run Permission Level Risk Analysis and mitigates appropriately. A separate compliance group uses the Critical Action reports to see who has what Critical tcodes, etc. We do not mitigate these "risks," we more or less use it as a report.
    I do not understand what you mean when you say "The user analysis in RAR and CUP serve two different purposes" - I feel it should be the same purpose, to ultimatley simulate if adding security to a user will cause SOD violations. If I have CUP configured to do Permission Level Analysis, that's all I want to be seeing in CUP.
    Let me know if I need to clarify further.

  • SAP GRC AC 5.3 CUP Risk Analysis issue

    Hi all,
    I have assigned a new SoD Role to a user, who has been given previously other SoD Roles that were authorized to assingn, then I launched the Risk Analysis and it shows the risk between the previously SoD Roles, but I want to see the new posible risks between the new SoD Role and the others.
    Is there any parameter into CUP to set up that controls the issue ? How must I do?
    Thanks in advance.
    Regards.

    Hi Chinmaya,
    Firstly, thanks for your help and support.
    According to the post, I mean when the user manager or approver, receives the request to assign one role to a user, the approver has to decide the needs of the user to use that role.
    Then the approver can check (clicking on Risk Analysis button) the number of concflicts or criticals risk that the user could violate. The issue is when the approver launched the anaylisis and it shows same conflict risks that have been mitigated in the previously assignment. It may show the possible risks between the new role and the others, isn´t it?, or instead of the case ,that the oldest risks are showed. Must that  risks showed  as mitigated?
    Thanks, regards.

  • GRC 10 - Risk Analysis in legacy system

    Hi everybody,
    I have a problem with legacy connectors in GRC 10. I implemented the note 1594963. So, I created the legacy files and storage it in GRC server.
    When I run the user synch, the legacy connector only synch the first record.
    Someone can help me? Someone did implement a risk analysis for legacy systems?
    Regards,

    Hi  Claudio Ekel
    Can you share some inputs on the Legacy Risk Analysis.
    We have configured the Legacy Connector as per the note 1594963 ; Placed the files on the server & tried running Synchronization Jobs. But the data is not getting uploaded to GRC10 .
    We made sure that text files are in UTF-8 format
    Is it mandatory to load all the 11 files that are provided in the note 1594963? We have excluded the Profile related files
    Can you share a sample of Legacy file formats that you have used for the sync.
    Can you throw some light on what could be the possible issues for data not getting uplaoded to GRC10?
    Regards,
    Pavan Muthyala

  • CUP : RISK ANALYSIS FAILED for Multi systems

    Greetings,
    Risk Analysis through CUP is failing on a request containing multi system access.
    There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
    I have check already check the below and they seem working fine without any issue
    1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
    2. The risk analysis web service works as expected and there is no failure.
    3. The connectors have the same name both in CUP & RAR no difference
    4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
    5. The URI is setup correct and no issue identified there.
    6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
    When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
    Please let me know if I have missed anything?
    Line: -
    2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         ... 28 more
    2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more
    Edited by: Angara Rao on Mar 9, 2011 5:15 PM

    Greetings,
    Risk Analysis through CUP is failing on a request containing multi system access.
    There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
    I have check already check the below and they seem working fine without any issue
    1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
    2. The risk analysis web service works as expected and there is no failure.
    3. The connectors have the same name both in CUP & RAR no difference
    4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
    5. The URI is setup correct and no issue identified there.
    6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
    When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
    Please let me know if I have missed anything?
    Line: -
    2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         ... 28 more
    2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more
    Edited by: Angara Rao on Mar 9, 2011 5:15 PM

  • ERM & CUP: Risk Analysis Error

    Hello everyone,
    Will someone please urgently help us with this issue?  Any suggestions are greatly appreciated!  : )
    We are on AC v5.3 SP 8.  In RAR, we are able to run a Risk Analysis both in the foreground and background across all users and roles.  However, when we try to run a Risk Analysis in ERM or CUP, we get an error saying that the "Risk Analysis Failed".  The other strange thing is that the error does occur for every role in ERM--just most of them.  Also, the ERM management dashboard reflects the correct number of roles in the SAP back-end system, but it says that there are 0 risk violations, which is incorrect.
    I have checked that the connectors into RAR successfully connect.  I have confirmed the servers.  I have re-run all of the background jobs in RAR, ERM and CUP, but nothing seems to be working.
    Is there anybody that can please help us?
    Thank you!
    Johonna

    Hello Amol,
    Thank you for your suggestions.  I have confirmed that the connectors, etc. are correct.  Here are some of the error logs u2026 any ideas?
    Thank you!
    Johonna
    95     12/15/09 12:20:51 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ADMINISTRATOR failed
    95     12/15/09 12:21:21 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ROLE_ADMINISTRATOR failed
    95     12/15/09 12:21:43 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ROLE_CONTROLLER failed
    95     12/15/09 12:23:13 PM     Running     Risk anaysis for role ZAU:FI_AA_CLERK_AGN failed
    95     12/15/09 12:26:07 PM     Running     Risk anaysis for role ZAU:FI_AA_CLERK_GFA successful
    2009-12-15 14:36:17,889 [Thread-7999] ERROR Risk Analysis failed
    java.lang.Throwable: Risk Analysis failed at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:733)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
         at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
         at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
         at java.util.TimerThread.mainLoop(Timer.java:432)
         at java.util.TimerThread.run(Timer.java:382)
    2009-12-15 14:36:24,811 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
    2009-12-15 14:36:24,811 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
    java.lang.Throwable: Risk Analysis failed
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getTranViolations(RiskAnalysisEJBDAO.java:331)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:171)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:205)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performTranLvlRiskAnalysis(RiskAnalysisBO.java:483)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:229)
         at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
         at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
         at java.util.TimerThread.mainLoop(Timer.java:432)
         at java.util.TimerThread.run(Timer.java:382)
    2009-12-15 14:36:34,561 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
    2009-12-15 14:36:34,561 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
    java.lang.Throwable: Risk Analysis failed
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getObjViolations(RiskAnalysisEJBDAO.java:812)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingObjects(RiskAnalysisEJBDAO.java:596)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingObjects(RiskAnalysisEJBDAO.java:633)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:693)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
         at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
         at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
         at java.util.TimerThread.mainLoop(Timer.java:432)
         at java.util.TimerThread.run(Timer.java:382)
    2009-12-15 14:36:34,561 [Thread-7999] ERROR Risk Analysis failed
    java.lang.Throwable: Risk Analysis failed
         at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:733)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
         at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
         at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
         at java.util.TimerThread.mainLoop(Timer.java:432)
         at java.util.TimerThread.run(Timer.java:382)
    2009-12-15 14:36:42,218 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
    2009-12-15 14:36:42,218 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
    java.lang.Throwable: Risk Analysis failed
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getTranViolations(RiskAnalysisEJBDAO.java:331)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:171)
         at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:205)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performTranLvlRiskAnalysis(RiskAnalysisBO.java:483)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:229)
         at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
         at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
         at java.util.TimerThread.mainLoop(Timer.java:432)
         at java.util.TimerThread.run(Timer.java:382)

  • GRC CC Risk Analysis download to Excel SE characters

    Hi All,
    I have performed a Risk Analysis in our GRC CC5.2 and the output was good. I was able to read Swedish characters in the Internet Explorer. However, when I download the report into Excel and open the file locally from my hardware, I see the Swedish Characters as:
    Anna Sjöberg                                        (via GRC CC in IE, it display Anna Sjöberg)
    Gerd Jönsson                                       (via GRC CC in IE, it display Gerd Jönsson)
    Anyone have the same display issue with Swedish characters?
    Thanks.
    Raymond

    Hi Raymond,
    Kindly let me know which version of Microsoft Excel are you using??
    If you are using excel 2000
    Check the note 1282267
    Regards
    Gangadhar
    Edited by: gangadhar hm on Sep 4, 2009 1:08 PM

  • GRC AC10 Risk analysis error

    Hi Experts,
    We are getting error in Risk analysis.
    We have checked configuration, RFC, Batch Jobs, Rule Generation.
    Rules are showing active in Rules library, User and Roles are appearing while searching. I searched SMP for notes and sdn for similar issue but couldn't find anyone.
    During risk analysis, explorer gives dump -
    The URL call http://itdgrctest.itconline.in:8002/sap/bc/webdynpro/SAP/grac_sod_search_appln was terminated because of an error.
    Note
    The following error occurred in system G10 : File Could not be opened
    The error occurred on application server ITDGRCTEST_G10_02 and in work process 4 .
    The termination type was: ERROR_MESSAGE_STATE
    The ABAP call stack was:
    Method: UPDATE_FILE_DATA_DETAIL of program CL_GRAC_SOD_REPORTING=========CP
    Method: SET_VIOLATIONS of program CL_GRAC_SOD_REPORTING=========CP
    Method: WRITE_OUTPUT_TO_DB of program CL_GRAC_SOD_RISK_ANALYSIS=====CP
    Method: RISK_ANALYSIS of program CL_GRAC_SOD_RISK_ANALYSIS=====CP
    Method: DO_RISK_ANALYSIS of program /1BCWDY/0O2TMNDMBELX0AO58TG7==CP
    Method: IWCI_GRAC_RISK_ANALYSIS~DO_RISK_ANALYSIS of program /1BCWDY/0O2TMNDMBELX0AO58TG7==CP
    Method: EXECUTE_ANALYSIS of program /1BCWDY/0O2TMNDMBFK6DDPI1C1Q==CP
    Method: IF_SEARCH_VIEW~EXECUTE_ANALYSIS of program /1BCWDY/0O2TMNDMBFK6DDPI1C1Q==CP
    Method: ONACTIONSEARCH of program /1BCWDY/0O2TMNDMBFK6DDPI1C1Q==CP
    Method: IF_WDR_VIEW_DELEGATE~WD_INVOKE_EVENT_HANDLER of program /1BCWDY/0O2TMNDMBFK6DDPI1C1Q==CP
    What can I do?
    If the termination type is RABAX_STATE, you will find more information on the cause of termination in system G10 in transaction ST22.
    If the termination type is ABORT_MESSAGE_STATE, you will find more information on the cause of termination on the application server ITDGRCTEST_G10_02 in transaction SM21.
    If the termination type is ERROR_MESSAGE_STATE, you can search for further information in the trace file for the work process 4 in transaction ST11 on the application server. ITDGRCTEST_G10_02 . You may also need to analyze the trace files of other work processes.
    If you do not yet have a user ID, contact your system adminmistrator.
    Error Code: ICF-IE-http -c: 600 -u: SABITADA -l: E -s: G10 -i: ITDGRCTEST_G10_02 -w: 4 -d: 20111115 -t: 162851 -v: ERROR_MESSAGE_STATE -e: File Could not be opened -X: 005056A41E8C1ED183EF148A3F5AFCCF_005056A41E8C1ED183EF142157E41CCF_1 -x: A4780FE1FA51F1DD9CCF005056A41E8C
    The termination type was: ERROR_MESSAGE_STATE, we I checked in St11. There error log is -
    N  *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c   1061]
    N  {root-id=005056A41E8C1ED183EEA264CAA11CCF}_{conn-id=005056A41E8C1ED183EEA264C5BA5CCF}_1
    N  *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c   1067]
    N  {root-id=005056A41E8C1ED183EEA264CAA11CCF}_{conn-id=005056A41E8C1ED183EEA264C5BA5CCF}_1
    M
    M Tue Nov 15 16:02:49 2011
    M  *** ERROR => AdCvtRecToExt: unknown opcode 71 (AD_OPCODE_71), ser 0, ex 0, errno 0 [adxx.c       2472]
    M  {root-id=005056A41E8C1ED183EEA4E10D4C3CCF}_{conn-id=00000000000000000000000000000000}_0
    M  *** ERROR => AdCvtRecToInt: unknown opcode 71 (AD_OPCODE_71), ser 0, ex 1, errno 1 [adxx.c       2530]
    M  {root-id=005056A41E8C1ED183EEA4E10D4C3CCF}_{conn-id=00000000000000000000000000000000}_0
    M
    If anyone has encountered the similar issue and has found a solution, please reply.
    Thanks in advance, Regards,
    Sabita

    Hi Experts,
    Iam also facing the same issue as below..
    Please let me konow if nay one of you encountered same issue and how you  resolved..
    Error while processing your query
    What has happened?
    The URL call http://yashgrcsrv.sapyash.com:8010/sap/bc/webdynpro/SAP/GRAC_UI_SPM_OWNER_POWL was terminated because of an error.
    Note
    The following error text was processed in system G10 : The ASSERT condition was violated.
    The error occurred on the application server YASHGRCSRV_G10_10 and in the work process 1 .
    The termination type was: RABAX_STATE
    The ABAP call stack was:
    Method: IF_POWL_FEEDER~HANDLE_ACTION of program CL_GRAC_POWL_SPM_FFOWNER======CP
    Method: FEEDER_HANDLE_ACTION of program CL_POWL_MODEL=================CP
    Method: DISPATCH_ACTION of program CL_POWL_MODEL=================CP
    Method: DISPATCH_PREPARED_ACTION of program CL_POWL_TABLE_HELPER==========CP
    Method: ON_OBJECT_ACTION of program /1BCWDY/07CT55XNN6UHRCSZMBJE==CP
    Method: IF_TABLE_DATA~ON_OBJECT_ACTION of program /1BCWDY/07CT55XNN6UHRCSZMBJE==CP
    Method: ON_TOOLBAR_OBJECT_ACTION of program /1BCWDY/07CT55XNN6UHRCSZMBJE==CP
    Method: ON_TOOLBAR_OBJECT_ACTION of program /1BCWDY/07CT55XNN6UHRCSZMBJE==CP
    Method: IF_WDR_VIEW_DELEGATE~WD_INVOKE_EVENT_HANDLER of program /1BCWDY/07CT55XNN6UHRCSZMBJE==CP
    Method: INVOKE_EVENTHANDLER of program CL_WDR_DELEGATING_VIEW========CP
    What can I do?
    If the termination type is RABAX_STATE, you will find more information on the cause of termination in system G10 in transaction ST22.
    If the termination type is ABORT_MESSAGE_STATE, you will find more information on the cause of termination on the application server YASHGRCSRV_G10_10 in transaction SM21.
    If the termination type is ERROR_MESSAGE_STATE, you cansearch for further information in the trace file for the work process 1 in transaction ST11 on the application server. YASHGRCSRV_G10_10 . You may also need to analyze the trace files of other work processes.
    If you do not yet have a user ID, contact your system adminmistrator.
    Error Code: ICF-IE-http -c: 100 -u: GRCADMIN -l: E -s: G10 -i: YASHGRCSRV_G10_10 -w: 1 -d: 20111117 -t: 124258 -v: RABAX_STATE -e: ASSERTION_FAILED -X: 00188B01D3231EE1849D72367EF328EF_00188B01D3231EE1849D723252D408EF_1 -x: 91EB10E1F7B3F19FA8EF00188B01D323
    HTTP 500 - Internal Server Error
    Your SAP Internet Communication Framework Team
    Regards,
    Ravi Alluri.

  • CUP Risk analysis bad error message for TooManyViolationsException

    Hello,
    We are running CUP GRC-SAC-SAE 5.3_13.0 ( Build ID:04080510 ) with Compliance Calibrator 4.0 in our R/3 systems. We recently had a situation where the number of conflicts identified by CC was too large for CUP to handle. Instead of getting a serious error message that was meaningful, we got "x Access to all actions".  The request was approved (manually) for SODs, and the user ended up with an account that was outlandish.
    Has anyone else had this problem? Is there some threshhold that we could raise in CC?
    Any help or advice would be appreciated.
    Thank you.
    Jennifer
    The log shows the following:
    2011-04-25 19:03:15,023 [SAPEngine_Application_Thread[impl:3]_7] ERROR com.virsa.ae.service.TooManyViolationsException: Too many violations found.
    com.virsa.ae.service.TooManyViolationsException: Too many violations found.
         at com.virsa.ae.service.sap.RiskAnalysisDAO.determineRisks(RiskAnalysisDAO.java:224)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1161)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:381)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:118)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    CUP denies requests with SAP_ALL, the message Access to all actions is typically the one you get when you have a user with SAP_ALL. When you say the request was approved manually do you mean you handeled it out of the CUP system or CUP approved the request despite giving you  the error message?
    Regards,
    Chinmaya

  • Risk Analysis failure in CUP

    Hi Experts,
    We have upgraded our sandbox from GRC Access Controls v5.2 to version v5.3 SP7. I am now getting the following error when doing CUP Risk Analysis to RAR:
    Risk analysis failed: Exception from the service : Risk Analysis failed
    Any ideas?
    The Connection Names are the same for CUP and RAR.
    Here is the CUP log for the error:
    2009-05-11 17:17:12,562 [SAPEngine_Application_Thread[impl:3]_36] ERROR com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
    com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1073)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:300)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:109)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: com.virsa.ae.service.ServiceException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:586)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more

    Hello All,
    I am having the same issue in CUP
    EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed.
    The Password for the web service has not expired or the URI is the same as the CCRiskanalysis service and as well the connectors have the same name in RAR & CUP.
    It worked till yesterday and stopped working suddenly. Any help is appreciated.

  • How to verify Risk Analysis done for CUP request?

    We are on GRC 5.3 SP 13.
    Is there a way to verify whether a Risk Analysis was performed during a stage for a CUP request?
    We have a CUP request that should have generated a SOD Risk when it was processed.  However the closed request shows no risk or mitigations on it.  The approvers say they ran a Risk Analysis, and the workflow stage does have that set as mandatory.  Also, you do get SODs if you run a User Analysis for this userid in RAR directly, so it looks like the request should have had them also.
    Is there any way to verify whether a Risk Analysis was actually performed in the CUP request workflow stage?
    At this point I don't know if this is a problem with the CUP Risk Analysis, or if the user just didn't run one and the system let that  slip thru somehow.
    Thanks.

    I bellieve you can log into RAR>RAR Debugger>View Server Log>You can search on Analysis.  If your are getting any errors they will also show up here. 
    Example: 
    INFO: Foreground : Analysis starts:
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
    FINEST: ObjAuthMatcher constructed: 0ms, #singles=11, #ranges=0, #super=0
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : Analysis done: 55550000 elapsed time: 49 ms
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : 1 out of 1 (100%) done
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : All Analysis done,  elapsed time: 64 ms , memory usage: free=782M, total=2048M
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

  • GRC 5.3: CUP asks to perform risk analysis even when there are no risks in request

    Hi All,
    We recently upgraded from GRC 5.3 SP13 to SP22.
    The one issue which we are facing after upgrade is that now CUP is forcing approvers to do Risk Analysis, even when there are no risks in the CUP Request, that is Risk Tab is Green.
    Previously approvers were able to approve requests without doing risk analysis, if there were no risks in the request.
    CUP used to force them to do risk analysis only when there were risks associated with requests.
    But now, it is forcing approvers to perform risk analysis, even if there are no risks, i.e. approvers are not able to approve requests without any risks without doing risk analysis.
    Please advise.
    Thanks
    Aditi

    Hi,
    Can you check if any change is made in Configuration -> Workflow -> Stage -> Approvers
    Regards,
    Claudio

Maybe you are looking for

  • textarea data size limits

    We are using ColdFusion 8 and MS SQL Server 2005. We have a form with a <textarea> tag into which users are cutting and pasting large documents. When the form is saved, the text is truncated at 32,000 characters. We are using the POST method and savi

  • How do I change the size of my screen, in Develop Module, so that I can access the Exposure Slide in the right-hand colummn?

    The right-hand column, under the Develop Module, begins with the Histogram and directly under the Histogram, the Tone Curve is seen.  Missing is the Exposure Slide.  How do I change the size of the screen to show the Exposure Slide before the Tone Cu

  • TOSLink output to Analog Issue

    Hi All, My ATV hooks up fine to my projector for video, (ATV GaffTaped to Projector, HDMI jumper, Point at BigAss Screen, Apply Power, Done). The Audio is becoming a challenge. I'd like, ideally, to take the Optical Output from the ATV via a TOSlink

  • Transferring recordings from sky plus to macbook pro

    Does anyone know how I can transfer recorded programmes from my sky+ box to my mac? I've been hit a few times when the sky box crashes and needs replacing resulting in me losing some treasured recordings. I did have a DVD recorder but that has recent

  • RETURNING clause

    I have a table that has a PK value that is generated by a sequence that fetches sys_guid() for the value via an insert trigger. How can i insert a record and get the pk value that was generated in one statement? I know about the RETURNING clause and