GRC Risk analysis reports are not checking all possible risk conflicts set up in the rule set that lead to risks.

Similar Messages

• CUP Risk Analysis results are not shown, continues processing request

  We have several users that complain the risk analysis in CUP never finishes. Requests do not contain risks or huge amount of risks which could explain a long runtime.
  With one user we checked, the user is never getting the risk analysis result on his screen. Sitting together with the user shows that the progress bar at bottom of IE is completing analysis, however the screen is not updated to show the risk analysis result and continues to show the processing circle.
  On other pc's CUP risk analysis result is shown as expected, so it must be some issue in local PC Internet Explorer settings.
  Environment used is Windows XP with IE 8. GRC version is 5.3.
  Have any of you experienced the same? And is there a solution available that will resolve this issue, by e.g. correcting settings in IE 8?

  Hello!
  If you want to successfully use GRC 5.3 with IE8, you have two options:
  1) Change a parameter in the server
  2) use the compatibility mode.
  3) Update NW
  refer to [Note 1347768 - Web Dynpro and Microsoft Internet Explorer Version 8.0|https://service.sap.com/sap/support/notes/1347768]
  I dismiss option 2, because it requires to change in every end user computer, so I've been working with option 1 without problems. Bear in mind that NW 7.01 is supported:  [Note 1433940 - Access Control compatibility on Netweaver Java server 7.01|https://service.sap.com/sap/support/notes/1433940]
  Cheers!
  Diego.

• Org Rule anlaysis when performing mitigation from risk analysis report do not mitigate the user from management summary report message!

  Hi,
  When in the User Level>Mitigation screen this comment appears  (*). When taking the path to  ‘summary’(a) or ‘detail’ (b) doesn't change when we select the button  MITIGATE RISK (**).  What was the intent of the below message?
  What is the intent of the message ?

  Hi Pranjal,
  please see note: http://service.sap.com/sap/support/notes/1972382
  Regards,
  Alessandro

• Ad hoc Risk Analysis report is returning incorrect Risk Level for some Risks

  We are running GRC AC 10.0 with SP 16.  After application of Support Pack 16, some of our ad hoc risk analysis reports are returning incorrect risk levels.  For example:  Risk F024 Open closed periods and inappropriately post currency or tax entries is set as High.  When the Ad hoc report is run, the risk F024 will show on a user with a level of Medium.  We have generated our ruleset and have followed the normal procedures used to implement the support pack.  Any ideas what is causing this issue?  I have exhausted my knowledge and search attempts.
  Any help is appreciated.
  Sara B.

  Hi Kevin
  Many thanks for your post, we did run a full BRA but no luck unfortunately. Some Risks still reporting as Medium when they should be Critical or High. Oddly it is reporting correctly against some risks just not for all!
  Cheers
  Hussain

• Risk analysis Report Error in GRC AC 10.0

  Dear GRC,
  I had problem with Risk analysis Report in GRC Access Request form
  When i run the Risk analysis report on Action Level , Permission Level , Critical Action Level and Critical Permission Level then report showing as "No Violations" but if i run the Risk analysis report only on Critical Action Level and Critical Permission Level then report showing too many Violations.
  I maintained Action Level , Permission Level , Critical Action Level and Critical Permission Level as default risk analysis type in SPRO Configuration Parameters settings.
  i am not understanding why system behaves like this. Could you please help me on this.
  System Details : GRC AC 10.0 , SP-12
  Thanks a lot for swift response.
  Best Regards,
  RK

  Hi GRC Team,
  Please help me on this. I am waiting for your replay.
  Regards,
  KR

• I turned I tunes on and all 4000 songs are not checked do I have to check each one Please help

  I started the computer today and all my I tunes songs all 4000 are not checked do I have to check each one?
  Pleaswe help

  Hold the CTRL key and click any one of the empty boxes.

• Role Based Risk Analysis Report

  Hello All,
  When I executed the Risk Analysis report for a role with SOD Risk Level = ALL and Report type = SOD at Authorization Object level, the results come back as "NO CONFLICT FOUND".  this is the correct response.
  However, I executed the Risk Analysis report for the same role with SOD Risk Level = HIGH and Report type = SOD at Authorization Object level, the results come back SOD conflicts based on the conflicting transactions.  Is there a bug with analyzing roles using this option?
  Also, when I click on the Detail Report button, I received object data that does not appear correct.
  Please Help.  Thanks.
  Edited by: Michael Johnson on Apr 8, 2009 8:54 PM

  Hi Babiji,
  Are you using any specific tools for SOD's? If you are using GRC tool, then it can be done using compliance calibrator Role level Risk analysis.In addition to what Sneha has said,
  To find out the conflicting roles in CC version 5.2 the path is INFORMER->Risk Analysis->Role level.In Virsa 4.0 you have the option of carrying out risk anaysis at role level by executing the t-code /N/VIRSA/ZVRAT.
  In section Analysis type, choose Roles and enter the list of roles.
  In section SOD Risk level, choose the appropriate risk.
  Then choose the appropriate report type and report format before executing it.
  This will display all the roles with the levels of risk associated with it and then you can mitigate these as per your organizational policies & procedures.
  Thanks,
  Saby..

• Issue with risk analysis report in GRC10.0

  Hi All,
  We are running the user risk analysis report from NWBC: Reports and Analytics -> Access Risk Analysis Reports -> User Risk Violation report.
  This report is not fetching all the data even though user has all the required authorizations.
  We are getting the data when we execute the dashboard reports.
  Any one has idea?
  Cheers
  Hari

  Alessandro,
  Thanks for the reply. I am aware of this.
  Problem is when dash board report is showing the risk for the user but risk anaylsis report in Reports and Analytics is not showing the risks to that user.
  As per our investigation, the risk data that is displaying in the risk anaylsis report in Reports and Analytics is incomplete. We didn't find any errors in SLG1. Also there is no issues from authorizations side.
  Regards
  Hari

• GRC_10 Risk Analysis Report

  Hi,
  i should extend the risk analysis report with more details from diffrent tables, they hold special role details.
  I havent found an idea how to do this.
  Could i extend the standard report for risk analysis with more columns?
  Is there something like user.exits or enhancement-points?
  thank you very much indeed
  best regards
  Alex

  Hi Alex,
  did you have a chance to look at standard SAP Help information about different types of reports and information available?
  If not yet -please take a look at:
  Risk Analysis Reports - SAP GRC Access Control - SAP Library
  What exactly information you would like to add to reports?
  Standard reports can by customized by adding some additional fields which are hidden in standard view.
  There is also an option to add custom fields and data,
  Lets us know,
  Filip

• Web Analysis report is not coming with the border/logo/heading while print

  Hi All,
  I am using 9.3.1 version of hyperion planning were Web Analysis report is not coming with the border/logo/heading while printing with the option "print all object", Only the data grid is coming in the print. If I use "print screen" it is coming with border/logo/heading but it gives a screenshot of the report, that won't cater out need.
  So please suggest us with a resolution to have border, logo and heading, while using Print all object.
  Thanks with regards....
  Rao

  Hi Sagar,
  In scripts when you will see print preview the logo will be not shown up with clarity.Take the print out of the document and check whether logo is printing up with clarity.
  Thanks
  Phani

• Risk analysis reports in IDM 6.0

  Hi
  I was trying to run risk analysis report to detect deleted users in Red hat linux. I was not sure what report to run. I tried various things like user report, resource accoutn report etc. However these reports gave the the list of users deleted in IDM but not the resource. Can i somehow create a customized report to do this?
  Any help regarding this matter is appreciated
  Thanks
  Man

  Hi,
  Please check following path in easy access
  1) Accounting ->Controlling -> Product Cost Controlling ->Product Cost Planning ->Information System
  2) Accounting ->Financial Accounting ->Fixed Assets ->Information System
  Best Regards,
  Madhu

• Transporting reports are not overwritten

  Hi,
  Problem related to Transportation:
  I transported some reports from DEV to QA. After that I made some changes on the transported reports and again I transported with another request, but those reports are not overwritten.
  can you please post some points how can I solve this..
  Regards
  Rajesh

  Hi rajesh,
  Have you released the early transport request.
  After doing changes in reports have you activated all  and saved in request.check it.
  Try to collect all in Transport connection in one request once again and transport the same to QA.
  Let us know status....
  Reg
  Pra

• Risk Analysis Reports Format

  Hello Experts,
  What is main difference between Risk Analysis Report Formats ....
  Summary
  Detail
  Management Summary
  Executive Summary
  Please explain in depth and which scenarios we are using these reports. Please give a one business example.
  Regards,
  Babu

  Dear Babu,
  trying to help you.
  Summary: gives you an overview of conflicts on action level. Can be used to discuss with business what is causing the risk.
  Detail: gives you an overview of conflicts on authorization level. Can be used to analyze how a conflict can be removed.
  Management summary: gives you an overview of risks on user level. Can be used to report how many risks are currently in the system on user level. E.g. userA has 3 risks, userB has 2 risks, etc.
  Executive Summary: gives you an overview of risks on risk level. Can be used to have a general overview of applicable risks in the system. E.g. riskA has no conflicts, riskB has 7 conflicts, etc.
  Best if you just analyze and you will see the differences. If you have a particular question do not hesitate to contact us.
  Regards,
  Alessandro

• BI publisher report is not showing all the data

  Hi All,
  I have created a report using BI Publisher in R12. The report is not showing all the records.
  I have checked the result XML it is also not having all the data. My query returns 846 rows but my report only has 662 rows.
  what might be the issue.please give me some idea to resolve this issue.
  Thanks in advance.
  Regards,
  P.Kalidoss

  Hi Arun,
  In the following code: public SelectItem[] getAllPrinters() {
  if (allPrinters == null) {           // allPrinters is not defined. what type of object it is
  PrintService[] printers = PrintServiceLookup.lookupPrintServices(null, null);
  allPrinters = new SelectItem[printers.length];
  for (int i = 0; i < printers.length; i++) {
  SelectItem printer =
  new SelectItem(printers.getName(), printers[i].getName());
  allPrinters[i] = printer;
  return allPrinters;;;
  Variable allPrinters is not defined. what type of object it is?
  And also the same variable is referenced here <af:selectOneChoice label="Available Printers" partialTriggers="cb1"
  value="#{pageFlowScope.applicationPrinterBean.selectedPrinter}"
  id="soc1"
  autoSubmit="true">
  <f:selectItems value="#{pageFlowScope.applicationPrinterBean.allPrinters}" id="si1"/>
  </af:selectOneChoice>.
  Thanks.

• InfoPath form load rule is not checking all the rows in form library

  Hi,
  Requirement:
  We have a form library named "HR Annual Review". In the InfoPath form we have two buttons "Save" and "Submit". User is allowed to Save multiple times and only once using Submit button. The file name of form library "HR
  Annual Review" will be stored in the format “<username>+<mm>+<dd>+<yy>.xml”. Say for example, an user named Mike Walt submitted a form then the file name will be as “MikeWalt012314.xml”. If the same user (Mike Walt)
  submits the form and tries to open the form for subsequent edit, then we need to show a view which has an error info saying “The Appraisal is already submitted for the current appraisal cycle”.
  Solution we tried:
  To achieve the above requirement, we tried using InfoPath Form Load and add a rule to check whether the combination of current user name and the year already exists in the filename column of the form library. But the rule we applied is not checking all the
  rows in the form library. The rule is always checking the first row of the form library.
  What we need:
  We need the validation using InfoPath rule or some other way/solution to check whether the combination of current login username and current year file already exists in the form library.
  Thanks in advance.
  Srivignesh J

  Hi Srivignesh,
  Submit button Uses the Main Data connection to submit the data to the list. This is what you are using and naming the file in the format. You can create secondary data submit that will update the exiting item in the list. With this, you don't have to create
  any rules to check all the rows which is also not possible in OOB InfoPath.
  Once you have the two data connection, hide the toolbar from the form and display these two on the button. For The Submit button, apply the rule to hide the button if created by is not empty. For Save button, apply the rule to hide the button if Created
  By is empty. This way, when a new form is created, you will see the Submit button, and when the user have to update the form, they will see Save button. Hope it help.s
  Regards, Kapil ***Please mark answer as Helpful or Answered after consideration***