Integration of AC & PC 10.0 for Mitigation controls
Hi,
We are trying to integrate the mitigation controls of AC 10.0 with PC 10.0. We are on SP7 of 10.0
We created Business process in AC in backend GRC System under SPRO- IMG-GRC-AC-Maintain SP & SBP.
These business processes are not appearing in the drop down list of the Business process where we can attach in the PRocess control Business process.
Onlyfew business processes are appearing. Not all are appearing for linkage.
Also, we observed that when BP is created in Backend for AC 10.0 it is appearing only for some time and later disappearing in the list.[Drop down is incomplete with all BPs available in AC10.0]
Is there any issue with respect to date.
Thanks and Best Regards,
Srihari.K
Hi All,
We identified that a business process cannot be assigned multiple times. Once a BP of AC s linked to a BP in Process Control it will not allow to the same BP to assign to another BPs in PC.Hence the open list is only appearing.
Thanks and Best Regards,
Srihari.K
Similar Messages
-
Maintain Validity Date for Mitigation Control Assignment to Users Virsa 5.2
We have over 1,000 SoD's all mitigated. The val;idity date for these mitigation controls needs to be updated. Does anyone know a way to perform a range of updates so it is not necessary to update each user assigned to a Mitigation Control.
The only way to do that currently would be to download the table information, edit in Excel and re-upload the table.
Not for the faint of heart, but doable.
Frank. -
Table for mitigation control frequency
Hi,
We are trying to build a program to be able to send notifications to mitigation monitors. For this I am trying to find the tables where the relevant details of the mitigation controls are located.
I need the following information from the tables:
1. Mitigation ID - I have found this in HRP5354
2. Mitigation Name - I have found this in HRP1000
3. Mitigation Monitor - I have found this in HRT5320
4. Tcode in Reports - I have found this in HRT5320 + GRACACTION
5. Frequency - I have NOT found this.
The #5 - frequency of the report action is something that I am still missing. Please help me with the info, also suggest if there is a better way to get this information. Thanks!!
Thanks,
SammukhHi Sammukh,
you can find the frequency in table GRFNCNREPORT.
In general you can easily find the tables with SE11 to check where the object is used.
Hope this helps.
Regards
Alessandro -
Request creation error for mitigation control workflow
Dear Expert,
I had activiate the workflow from RAR to CUP on Mitigated User assignment, I had completed following customizing:
1)RAR->configaration->Workflow
2)CUP->configaration->initiator, stage, path.
but when I created mitigated user assignments in RAR, after click "Submit", error popup: "Request creation error"
can some one help?
thanks!Dear,
the log is below:
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 1:33:16 PM com.virsa.cc.common.SAPAdapter serverExceptionOccurred
INFO: Exception in Server YYY:
com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Thu May 20 13:33:16 CST 2010.
This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 3600 seconds.
Could not start server: Connect to SAP gateway failed
Connect parameters: TPNAME=YYY GWHOST=visoil01 GWSERV=SAPGW00
ERROR service 'SAPGW00' unknown
TIME Thu May 20 13:33:16 2010
RELEASE 701
COMPONENT NI (network interface)
VERSION 38
RC -3
MODULE niuxi.c
LINE 1732
DETAIL NiPGetServByName2: service 'SAPGW00' not found
SYSTEM CALL getservbyname_r
COUNTER 375
May 20, 2010 2:10:50 PM com.virsa.cc.workflow.bo.WorkflowBO submit
INFO: END POOINT URL: http://9.186.143.129:50100/AEWFRequestSubmissionService_5_2/Config1?style=document
May 20, 2010 2:10:50 PM com.virsa.cc.workflow.bo.WorkflowBO submit
INFO: before submit:
May 20, 2010 2:10:50 PM com.virsa.cc.workflow.bo.WorkflowBO submit
INFO: wftype: MITIOBJ reqid: GRC01
May 20, 2010 2:10:50 PM com.virsa.cc.rulearchitect.dao.dto.MitObjDTO getObjContext
FINEST: validfrom: 2010-05-20 validto: 2011-05-20
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: MITREFNO
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: MOMITREFNO
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: CT01
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: RISKID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: MORISKID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: ZC02
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: LANG
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: LANG
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: EN
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: MONITORID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: MONITORID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: GRC01
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: Integer
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: STATUS
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: MOSTATUS
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: 0
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: DATE
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: VALIDFROM
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: VALIDFROM
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: 05/20/2010
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: DATE
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: VALIDTO
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: VALIDTO
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: 05/20/2011
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: BU ID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: BUID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: null
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: Approver ID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: MOAPPROVERID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: null
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: OBJTYPE
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: OBJTYPE
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: U
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Data Type: String
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Descripton: OBJID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Name: OBJID
May 20, 2010 2:10:50 PM com.virsa.cc.xsys.aewf.SubmitAEWorkflow setProcessContext
INFO: Value: 207471
May 20, 2010 2:10:50 PM com.virsa.cc.workflow.bo.WorkflowBO submit
INFO: Return code: 2010 Message: com.virsa.ae.core.ObjectNotFoundException: Invalid Priority Value : MO_HIGH workflow id: null Status: null
May 20, 2010 2:10:50 PM com.virsa.cc.workflow.bo.WorkflowBO submit
WARNING: 2010: null -
Mass maintenance of Mitigation controls in GRC 10.0
Dear All,
How to do mass maintenance of mitigation in ARA of GRC 10.0. We successfully migrated the mitigation controls from 5.3 to 10.0. I need to change the monitors for many user conflicts and also add new user conflict mitigation controls. Is it possible to do a mass changes in GRC 10.0 as there is no upload functionality for mitigation controls
Thanks and Best Regards,
Srihari.KHi Sri,
you can achieve by downloading and uploading the mitigations.
Go to SE38 and use the following program GRAC_DOWNLOAD_MIT_ASSIGNMENTS to download the file and make necessary changes to it and upload the file by using the following program GRAC_UPLOAD_MIT_ASSIGNMENTS.
and put the active column in the file as X.
Regards,
Venugopal Ireni -
Hi all,
We have configured Mitigation Controls and mitigated some of the users. We have the following queries in this regard:
a) When we run the SoD anlaysis for that particular user we could able to see only half description of the Mitigation Control.
Is there any limitation for the space or the parameters for the Mitigation Control Description.We are unable to see the entire description of the Mitigation Control (If the mitigation control is more than 7-8 lines) in the Detailed Report screen as well. Even after downloading into a spreadsheet also we are getting only the part of the mitigation control and not the entire description of the mitigation control
b) A risk ID can be addressed by 2 or 3 mitigation controls. In this scenario,we have assigned 2-3 mitigation controls to one Mitigated user for mitigation. When we run SoD analysis we could able to see only the latest mitigation control assigned to the user in the report format (say out of 3 assigned only the 3rd one assigned is being shown).
But when we did a search for Mitigation controls with the Risk ID & User ID combination then it is throwing all the 3 mitigation controls. But the same is not shown in SoD violations reports
Is there anything to do with the parameters set up or at the configuration side to resolve this.
Please provide the procedure also in case of any changes to be made at configuration level.
Thanks and Best Regards,
SriHi Vit,
Thanks for your reply. We crosschecked and you are correct that the space limitation is only for 132 characters in this table.
Is there a way to get the mitigation control whole description or do we need to stick to this limitation itself.
Also, when we did a search for Mitigation Control it gives only Mit.ID, Mit Control Desc, BU and Management approver. Whether there are any tables (from SAP Backend) or reports where we can get the Risk Ids including the above addressed by the mitigation controls.
Thanks and Best Regards,
Sri -
Validity period mitigating control
Hi,
I checked this forum but didn't find any helpful thread for my question. We are using GRC version 5.3. Is there any SAP report or tables available that would show history of mitigating controls per user? In running the Compliance Calibrator for a user, SOD issues were present that we didn't expect because we thought existing mitigating controls were applied and that we were regularly monitoring this user for the associated risks. We thought that the problem might be that the validity period might have expired, but our corporate security group currently doesn't even show the mitigating control for the user. I wanted to look at the history of the mitigating control for the user to see if I could validate their claim.
Thanks,
JohnHi,
First of all, there's a special forum for GRC: "Governance, Risk and Compliance".
Check under RAR-> configuration tab:
Default expiration time for mitigating controls (in days)
When assigning a mitigating control to a risk, you must specify the validity period of the controlIf the End Date is left blank, the value in this option is used to calculate the end date of the validity period; the default value is 365 (days)
Check also under CUP->configuration->mitigation.
You'll be able to find the documentation for this configuration parameters in the corresponding Config Guide.
Regarding Mitigation controls per user, I guess you can just check RAR -> Mitigation tab.
Cheers,
Diego. -
Mitigating Control creation and application in SAP GRC 10
Hi Expert,
We have SAP GRC Access Control 10 being implemenmted for our client. While trying to create Mitigating Control, we just realized that Before creating mitigating controls you need to create a Root Org entry, this replaces the Business Units in previous AC versions which is visible only when we activate the GRC-PC Application.
My queries are:
1. Is it that Mitigation control can only be created if PC is enable.
2. What about Licencing if GRC-PC Application is used for Mitigating Control Creation.
Thanking you i advance.
Thanks & Regards,
Abhimanu Kumar SinghHI,
Thank you for the response, I just checked and could find that I can create Mitigating control without PC application. It is just that PC relevant fields are not displayed.
However can anybody answer as to what happens if I use PC to create Mitigating Control, Do I have to purchase the license for SAP GRC PC or it is ok for shared resources.
Thanks again.
Thanks & Regards,
Abhimanu Kumar Singh -
GRC 5.3 mitigation control
Dear Guys,
Please help me to understand the concept of mitigation control in GRC 5.3 and when it is useful and at what time we need to implement mitigation control.
How could we mitigate user and on what criteria....????
Also some brief about control monitor.
Thanks in Advance......Hi Arpit,
Steps for remediation and mitigation strategy is as below,
Once you do risk analysis, you have the list of risk available in your system, after this you have the option to remove (Remediate) risk by removing conflicting permission or action from role.
OR
there is scenario where you have to accept the risk in this case you have to opt for mitigation control, just consider one example given below,
Function A: Create PO
Function B: Release PO
Above two functions are conflicting and create risk in standard process, so as a standard practice, in reference to compliance SAP recommends to have two people doing it separately, but customer might not be having 2 postions in org to separate this, so customer has to accept the risk and create mitigation control to document this and put the monitoring control so one person can perform this function.
This way it is helful to follow the compliance and when audit happens customer can show that they have identified the risk and documented it and put alternate monitoring control, so the risk cannot be misused.
Hope this helps you understand it.
BR,
Mangesh -
GRC AC V10 - Mitigation Control Approval Workflow
Hi guys,
can me explain somebody the difference between the processID SAP_GRAC_CONTROL_ASGN und SAP_GRAC_CONTROL_MAINT?
And as well can somebody provide me the initiator rule ID for both so that we can have a detailed look into the brfplus rule.
We only want to mitigate controls via an controlowner approval and not a process for the creation of new controls.
That means an asisgnment approval workflow for mitigation controls.
Thanks a lot.Hello Alexa,
Did you ever employ SAP_GRAC_CONTROL_ASGN ? Were you able to identify the included agents ?
I am interested in identifying approvers for mitigating controls who can be included in the workflow but are not risk owners. Would you have any suggestions for this type of agent ?
Any information would be appreciated.
Thanks,
Jamie -
Report Tab in Mitigation Control
Dear Experts,
Can anyone explain me the purpose/usage of Report Tab in Mitigration Control. I have browsed the forum but could not understand the actual need of this tab as I found different answers.
Thanks,
RajHI Raj,
Access Controls is used as a documental tool for Mitigating Controls, rather than a implementing tool, i.e. you apply the control against the role/user, but the actual application of the control is performed outside of Access Control. This may be realized by running a custom SAP report to monitor the usage of the risky functions within the ECC system etc.
Access Control allows you to document such reports against the Mitigation Control, so this is the purpose of the tab. Given that GRC 10.0 integrates AC and PC, Mitigating Controls is master data that is shared amongst the different GRC modules, so I get the feeling Process Controls might utilize the "Report" data and check if the reports are being monitored by the control monitor/s at the scheduled frequency etc. -
RAR: Mitigation Control Monitoring
Hi,
I have configured and executed alert generation job but we are not able to obtain the alerts for mitigation control monitoring.
What we have done:
1) Define mitigation control including transaction XXXX to be executed daily
2) Monitor has executed thansaction XXXX on day 1
3) Alert generation job has been executed on day 1 (after step 2)
3) Monitor has not executed transaction XXXX on day 2
4) Alert generation job has been executed on day 2 BUT alert for control monitoring are not obtained.
Does anyone know why we are not getting the alerts for control monitoring?
Thanks in advance. Kind regards,
ImanolWhat is value of number of days for this Monitoring in Mit Control?
Is email id of Monitor maintained in Alert tab? -
Workaround for non-SAP mitigating control reminders
Dear all,
Our business users would like to document mitigating controls in RAR 5.3 regardless of whether they are connected with an SAP report. They would also like to receive email reminders for those controls.
Unfortunately, the frequency of the control can only be defined per connected SAP report and reminders will only be sent for controls if the SAP report has not been executed.
Have you been exposed with a similar requirement? It seems like a natural thing to ask from a business perspective. RAR 5.3, however, is not designed in that way.
Have you come up with any feasible workarounds for this?
My current approach would be to create a dummy Z-report per SAP system (such as Z_MANUAL_MITCTRL) that control monitors have to call once to confirm the execution of their control.
Cheers and best regards
PatrickHello,
Regarding your question, in fact this is dependant on how your UME (User Management Engine) is configured on your WAS (Web Application Server). If the UME is connected to your R/3 back-end then the user need to have a R/3 account to connect to CC, otherwise if your UME is "independant" then you just need to create an account in the UME.
Regards,
Jérôme. -
Error on page when selecting a Risk for Mitigation from CUP
Hi,
I am not getting the link to Mitigate the riks for the Roles requested from CUP. when I am trying to select the risk to mitigate after the Risk Analysis is done from RAR and the report is fetch to CUP no links are showing. It shows error on the screen "Correct the following errors: Select a risk."
The message "Error on page" shows in the bottom left corner of the browser. I can not go any further to mitigate the risk.
The soluition was put to import the AE_init_append_data.xml as instructed n the A 5.3 installation guide. This file contains lines for background color that ar enecessary for display of the Risk. each support package of 5.3 has this file and is delivered in the .SAR file, and this should always be updated if delivered.
I have tried this and still falling to Mitigate the risk as the problem remains. May I know if you have some other solution or if you can provide me with the correct and update file for above request.
Thanks,
AbhimanyuHi,
Have you configured the mitigation controls?
There are mitigation control Exit URIs in workflow configuration in CUP Configuration-Miscellanious setting?
Put all these configuration in place if you dont have, and please check that active status is checked for all these.
Regards,
Sabita -
Mitigation control workflow for AC10
We are configuring the Mitigation control workflow during the implementation of AC 10.
I would like to know whether its mandatory to have the workflow for Mitigation approver and monitor. As per the implementation team there is no requirement for them as this is not covered during the rampup. But I think this should be mandatory to have the mitigation approval worflow so all the mitigation risk should be approved before mitigating. Otherwise, security admin can mitigate any risk and complete the request.
Please advice.Hi,
Yes. It will be a manual process. In some of the organizations, risks identification and mitigation will be performed manually by the Business process owners, which means in reality there will not be any risks that pop-up in CUP or RAR since they are already mitigated for the user.
If you don't want to enable the mitigation process in the workflow, you have to do it and record the evidences manually.
Hope this answers.
Regards,
Raghu
Maybe you are looking for
-
Hi All, as i'm new to oracle apps and reports,i have assigned some work on reports that is with India Localization. Can any one is intrested me to helpin this issue as i ahve given this report by 2day. If any one is intrested i will provide the acces
-
Mytracks & mapmyride gps apps failing
Hi Having issues using mytracks and mapmyride apps. Both apps are failing to plot my route & calculate pace and/or distance. Found similar issues on other droid boards but no solutions. Let me know if you need any more info... here's a log snippet.
-
I have Photoshop Elements 5.0 that came with my computer. I was using Photoshop LE and it was much more flexible. I need a program that will let me custom crop (not proportional) and adjustment slides for custom color. I do personal pictures so I
-
hola queria decir lo siguiente instale la ultima version del itunes y no anda , cliqueo y no responde conecto el iphone y nada , tengo windows vista , que debo hacer
-
Ever Since the new update, My phone will not sync with my windows contacts. How do I fix it.