Risk Analysis in a CUP request

Is there any way to run a Risk Analysis in a CUP request on different Rule Sets?
Letu2019s say you have 3 different Rule Sets like US - EU u2013 Global defined in RAR. Each one includes its own risks. In a CUP
request, it shows risks based on the u201CVirsaCCRiskAnalysisServiceu201D defined in your CUP config.
In our case we use the global Rule Set but the problem is for an EU request you can have US risks appearing that must be mitigated even if those risks are not relevant for EU.
It would be great if we could link the attributes Company or Functional Area directly to a specific rule set.
Please help/comment on this issue.
Regards

Hi,
When we perform risk analysis on the request, ruleset for the risk analysis for CUP request is picked from RAR default values.
RAR-> Configuration-> Default Values-> Default rule set for risk analysis.
This rule set is picked by CUP to perform the risk analysis.
With the current design it is not possible to link  the attributes Company or Functional Area directly to a specific rule set.
Kind Regards,
Srinivasan

Similar Messages

  • How to verify Risk Analysis done for CUP request?

    We are on GRC 5.3 SP 13.
    Is there a way to verify whether a Risk Analysis was performed during a stage for a CUP request?
    We have a CUP request that should have generated a SOD Risk when it was processed.  However the closed request shows no risk or mitigations on it.  The approvers say they ran a Risk Analysis, and the workflow stage does have that set as mandatory.  Also, you do get SODs if you run a User Analysis for this userid in RAR directly, so it looks like the request should have had them also.
    Is there any way to verify whether a Risk Analysis was actually performed in the CUP request workflow stage?
    At this point I don't know if this is a problem with the CUP Risk Analysis, or if the user just didn't run one and the system let that  slip thru somehow.
    Thanks.

    I bellieve you can log into RAR>RAR Debugger>View Server Log>You can search on Analysis.  If your are getting any errors they will also show up here. 
    Example: 
    INFO: Foreground : Analysis starts:
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
    FINEST: ObjAuthMatcher constructed: 0ms, #singles=11, #ranges=0, #super=0
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : Analysis done: 55550000 elapsed time: 49 ms
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : 1 out of 1 (100%) done
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Foreground : All Analysis done,  elapsed time: 64 ms , memory usage: free=782M, total=2048M
    Mar 9, 2012 3:44:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

  • Risk Analysis for 2 open request in CUP

    Hi Team,
    If in CUP i have 2 open request by same user which individually may not give any Risk but collectively may have some risk assosiated with it how do i address this real time.
    (I iunderstand that this risks can be discovered in RAR but i want to address this in CUP itself)
    Scenarios:
    1]My Manager approves the request No. 1 and before this request is closed by Security he has another request ,request No. 2 by same user.
    2]Both the request by same user are pending with Manager.
    Is it possible to discover the risks in this 2 open request by Manager or say anyone in the path?.
    How should we handle such scenarios?
    Is there any way i can set a rule for open request.( The user should not be able to create same request type if he has an open request in this category)
    Please suggest.
    best regards,
    Charukesh

    Charukesh,
    I have not seen anyone configure risk analysis based upon consolidation of two pending requests.
    It would, of course, be possible to perform a manual simulation of the addition of the two roles.
    Or, once one is approved, the second would then trigger conflicts if re-run at the point of approval but I don't think that it is possible to configure automated analysis of one request while taking into account the other one which is also still pending.
    I would suggest contacting the Customer Advisory Group of SAP to get the confirmed answer to this though.
    Simon

  • Risk Analysis failure in CUP

    Hi Experts,
    We have upgraded our sandbox from GRC Access Controls v5.2 to version v5.3 SP7. I am now getting the following error when doing CUP Risk Analysis to RAR:
    Risk analysis failed: Exception from the service : Risk Analysis failed
    Any ideas?
    The Connection Names are the same for CUP and RAR.
    Here is the CUP log for the error:
    2009-05-11 17:17:12,562 [SAPEngine_Application_Thread[impl:3]_36] ERROR com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
    com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1073)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:300)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:109)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: com.virsa.ae.service.ServiceException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:586)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more

    Hello All,
    I am having the same issue in CUP
    EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed.
    The Password for the web service has not expired or the URI is the same as the CCRiskanalysis service and as well the connectors have the same name in RAR & CUP.
    It worked till yesterday and stopped working suddenly. Any help is appreciated.

  • Risk analysis failed in CUP

    Hi,
    We have same connector name in CUP and RAR but risk analysis failed and throws error "Risk analysis failed: ExceptionRisk Analysis failed"
    have a look on detailed log as follows.
    2012-01-03 17:54:54,044 [SAPEngine_Application_Thread[impl:3]_7] ERROR Ignoring exception : com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9923', Locale: 'en'
    com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9923', Locale: 'en'
         at com.virsa.ae.service.messaging.MessageFormatter.formatAsText(MessageFormatter.java:103)
         at com.virsa.ae.commons.utils.JSValidationUtil.getMessage(JSValidationUtil.java:467)
         at com.virsa.ae.commons.utils.JSValidationUtil.formatMessage(JSValidationUtil.java:523)
         at com.virsa.ae.commons.utils.JSValidationUtil.formatMessage(JSValidationUtil.java:548)
         at jsp_common_import_export1321962467821._jspService(jsp_common_import_export1321962467821.java:60)
         at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:566)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:190)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.include(RequestDispatcherImpl.java:509)
         at com.sap.engine.services.servlets_jsp.server.jsp.PageContextImpl.include(PageContextImpl.java:176)
         at jsp_cfg_support1321962466399._jspService(jsp_cfg_support1321962466399.java:148)
         at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:566)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:190)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at
    Thanks,
    nayana

    Hi,
    We have uploaded the latest xml files as per service pack still getting message risk analysis failed . Have a look on following log
    and advice me.
    2012-01-04 23:45:45,273 [SAPEngine_Application_Thread[impl:3]_32] ERROR com.virsa.ae.core.BOException: ExceptionRisk Analysis failed
    com.virsa.ae.core.BOException: ExceptionRisk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1167)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:381)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:118)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.virsa.ae.service.ServiceException: ExceptionRisk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:591)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more
    Thanks,
    nayana

  • CUP 5.3 (SP12) Risk Analysis Errors in CUP

    Hello Experts,
    When I run risk analysis in CUP for user provisioning. I get an error message:
    Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html'
    Connector names are the same across all the components. We have a CUP test environment with SP11, and we did not have this kind of errors. I virtually tried everything I could.
    If you can, please assist me.
    HM

    Hello HM, 
    I had this error when I first upgraded to SP12 but I don't know if it is a SP issue or not.
    My CUP --> RAR SOD Analysis works for me on SP12.
    You might try double checking the following:
    1. Check all CUP configuration Web Service parameters in CUP --> Configuration --> 1) Risk Analysis & 2) Mitigation.
    2. Check that you uploaded the latest UME roles that were delivered with SP12.
    3. Check the UME user that is configured in CUP for risk analysis to make sure the password is still correct and that it has enough assigned roles.
    4. Make sure you uploaded all the required XML configuration files to CUP --> Configuration --> Initial System Data.

  • Risk analysis failed: Exception from the service : Invalid System

    I'm trying to get the risk analysis performed for CUP requests.  When I'm in the process of creating a request, and I add roles to the request and then click on the risk analysis button, I get the above error.
    I checked the URI that I've included in the Risk Analysis section of the configuration and I believe it is correct:
    http://<server>:<port>/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
    I've selected 5.3 web service, and I have provided a user ID that has admin rights.
    What do you think is the reason this error is being thrown?
    The error in the log is:
    2009-11-19 15:04:31,821 [SAPEngine_Application_Thread[impl:3]_39] ERROR com.virsa.ae.core.BOException: Exception from the service : Invalid System
    com.virsa.ae.core.BOException: Exception from the service : Invalid System
    Thanks,
    Santosh

    Frank,
    Thanks for your response.  I was thinking along these lines already and so I have tried to do as you suggest.  However it didn't work and the log indicated that it didn't like my connector name (even though the connector name is now the same as in RAR).
    Caused by: com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: Failed to resolve JCO destination name 'SANDBOX' in the SLD. No such JCO destination is defined in the SLD.
    However, I looked at one of the online post installation checklists for CUP and I gathered that it might be necessary to have the JCo itself renamed at the backend to reflect the name used in RAR, and that should populate into my connector list within CUP (when you click on the magnifying glass).
    I'm waiting to try that out, but I'm not sure about any secondary impact of making a change to the JCo name.
    Let me know what you think about that move.
    Thanks,
    Santosh

  • Risk analysis after approval in CUP

    Hi,
    Can it be possible? CUP to do automatic risk analysis after the request is approved by the role approvers.  If there are no risks, roles will get provisioned. If risks exist based on the risk ID to have the request forwarded to the risk owner where the mitigation control, monitor details are entered.
    Please provide your inputs.
    Thanks
    R R

    Not a good idea, generally.
    What you can do is have the risk analysis performed automatically on request submission. The approvers would see the risks, but you can allow them to ignore them and have a detour on the last approval step.
    This has a few quirks:
    - if your last approval is a role approver, i.e. there may be a split approval to several people, the detour is tricky.
    - if one of the approvers changes something in the request, the risk analysis is invalid.
    I would also question the general idea - usually in case of risks, one of the approvers should also take action. If all they do is approve, get them out of the way.
    Unfortunately there is no step that says "automatic risk analysis, no manual approval required". That's an enhancement I would also welcome.
    Frank.

  • Risk Analysis in CUP not working

    Hello Experts, we are using GRC 5.3. In CUP, I am trying to approve Role Provisioning. One of the requirements is to run Risk Analsys (as it says 'Risk Analysis is Mandatory'). When I hit the 'Risk Analysis' button, the circle keep circling but, nothing seems to happen forever (no error message either). Can you guide me in the right direction? What could be the possible situation? And, where am I better off to start troubleshooting.
    Thank you.

    Well, the problem seems to be that I am connecting from VPN. From my analysis, after I reboot the laptop, I am able to analyze risk for the first 3 or 4 requests and after that I can't do risk analysis for any more requests until I reboot my laptop. If I login to a remote server (say Virsa server), I seem to have no problem at all. i am able to continuoiusly run risk analysis for multiple requests. The problem seems to be VPN or my laptop.

  • Skipping the risk analysis

    Hi All,
    I have  CUP .net version in GRC.We have a risk analysis mandatory for every request.I want to know if I can skip the risk analysis for some orders in CUP.How I can do it.
    Thanks in advance

    Yes, you can skip.
    Goto -> CUP Configuration -> Workflow -> Stage -> Addition configuration -> Risk Analysis Mandatory ->NO
    Suggest you to perform risk analysis if its part of your process..
    Rakesh

  • AE 5.2 cross system risk analysis with CC 4.0

    Hi,
    We have an unique situation.
    We have CC 4.0 (central) set up in ECC system where the rules and risks are defined for systems such as R/3, HR and SRM
    We need AE to use this central CC system to do the risk analysis when an access request for HR or SRM is submitted in AE 5.2. Right now for a request to a HR system, risk analysis is being done in HR system where there are no rules and hence no risks are identified.
    Environment :
    CC 4.0 in  ECC 5.0 with VIRSANH RTA 520_640 Level 3 and VIRSAHR RTA 520_640 Level 2
    AE 5.2 JAVA in NW 7.0 SP level 2
    Risk analysis for Access requests to ECC system is done with out any issues and the connectors in AE are defined as well as CC 4.0 configuration for cross system is enabled.
    Please give your suggestions and also tell me if this below scenario is possible.
    Use CC 5.2 Java stand alone system and define logical/cross system to connect to multiple systems such as HR and SRM and use those specific rules to do the risk analysis.
    Thanks

    Hi RM,
    You can setup Risk Analysis inside AE Configuration.
    You can identify the level of risk analysis and specify the Compliance Calibrator version for processing risks.
    See the details from the AE Configuration Manual
    In the Select Compliance Calibrator Version pane, from the Version drop-down list, select the version of Compliance Calibrator.
    In the URI field, enter the appropriate URI address for the web services.
    In the User Name field, enter your User ID. Your User ID must have security access
    to web service.
    In the Password field, type your password.
    Select the Perform Org Rule Analysis option to perform org. rule analysis at risk
    analysis time.
    Note: There are two selectable versions of Compliance Calibrator. If you select 5.0 Web Service, three additional fields appear (URI, User Name, and Password). For the URI field, you need to navigate to the
    SAP NetWeaver Web Application Server Home page > Web Services Navigator > CCRiskAnalysisService > WSDLs > Standard link of Document, where you will see a list of all web
    services in the server. Select the desired URI address.
    If you select Compliance Calibrator 4.0, there is no need to connect to a URI address
    So the answer is YES, you can connect AE  5.2 with CC 4.0 for Risk Analysis.
    Hope this helps,
    Regards,
    Kiran Kandepalli.

  • Risk Analysis thru Web Service

    I'm trying to get Risk Analysis (SoD violaions) for roles using web service. Current approach we are using is to first use web service SubmitRequest to create service and then use web service RiskAnalysis for SoD checks for that request. However, is there any web service which gives Risk analysis directly without creating request in GRC? If i give 2 conflicting roles then can i get risk analysis without actually creating request in GRC?
    Thanks,

    Hi Alpesh, Ankur,
    Thaks for your answer. As you said, the web service which you mentioned works for existing users with assigned roles/profiles. I was more looking for web service which will give me Risk Analysis before i assign Roles/Profiles.
    I found one service VirsaCCRiskAnalysisService which allows me to do risk analysis before assigning any roles/profiles. Of course, the condition is that User should exist in back-end system.
    Thanks,
    Sanjay shah

  • CUP Risk Analysis results are not shown, continues processing request

    We have several users that complain the risk analysis in CUP never finishes. Requests do not contain risks or huge amount of risks which could explain a long runtime.
    With one user we checked, the user is never getting the risk analysis result on his screen. Sitting together with the user shows that the progress bar at bottom of IE is completing analysis, however the screen is not updated to show the risk analysis result and continues to show the processing circle.
    On other pc's CUP risk analysis result is shown as expected, so it must be some issue in local PC Internet Explorer settings.
    Environment used is Windows XP with IE 8. GRC version is 5.3.
    Have any of you experienced the same? And is there a solution available that will resolve this issue, by e.g. correcting settings in IE 8?

    Hello!
    If you want to successfully use GRC 5.3 with IE8, you have two options:
    1) Change a parameter in the server
    2) use the compatibility mode.
    3) Update NW
    refer to [Note 1347768 - Web Dynpro and Microsoft Internet Explorer Version 8.0|https://service.sap.com/sap/support/notes/1347768]
    I dismiss option 2, because it requires to change in every end user computer, so I've been working with option 1 without problems. Bear in mind that NW 7.01 is supported:  [Note 1433940 - Access Control compatibility on Netweaver Java server 7.01|https://service.sap.com/sap/support/notes/1433940]
    Cheers!
    Diego.

  • GRC 5.3: CUP asks to perform risk analysis even when there are no risks in request

    Hi All,
    We recently upgraded from GRC 5.3 SP13 to SP22.
    The one issue which we are facing after upgrade is that now CUP is forcing approvers to do Risk Analysis, even when there are no risks in the CUP Request, that is Risk Tab is Green.
    Previously approvers were able to approve requests without doing risk analysis, if there were no risks in the request.
    CUP used to force them to do risk analysis only when there were risks associated with requests.
    But now, it is forcing approvers to perform risk analysis, even if there are no risks, i.e. approvers are not able to approve requests without any risks without doing risk analysis.
    Please advise.
    Thanks
    Aditi

    Hi,
    Can you check if any change is made in Configuration -> Workflow -> Stage -> Approvers
    Regards,
    Claudio

  • Error Creating Request - Risk Analysis in CUP

    Initially, we had the issue of not being able to create requests in CUP. I read around and found out that I needed to go to Configuration > Risk analysis and change the "Perform Risk Analysis on Request" to No. I tested and I was able to create a request. This tells me that SOMETHING is wrong with the Risk Analysis in CUP. So since its a Risk Analysis error, I when into a requested and selected Run Risk Analysis and go the following error.
    "Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html' "
    But before anything. I just want to verify if its an authorization error with our webserivces id. Any input?
    Thank you,

    1. In the CUP Configuration-> Risk Analysis.
    Under the section "Select Risk Analysis and Remediation Version"( or "Select Compliance Calibrator Version" for version below CUP 5.3) make sure that the following web service is given in the URI, if the "Version" selected is above 4.0.
    "http://<servername>:<portnumber>/VirsaCCRiskAnalysisService/Config1?wsdl&style=document"
                                                                In the server name and port number, enter the corresponding entries of the Compliance Calibrator (CC) or (Risk Analysis and Remediation (RAR)) server entries on which it is installed.
    The User given under this section should have the administrator access for the CUP and RAR.
    CUP is 5.3 and we have the correct URL. The user is given the following roles:
    AEADMIN
    CC_Administrator
    VIRSA_CC_ADMINISTRATOR
    Please review the attachment for the list of actions in these roles. Please let me know if there is an action that the webservice id should have. In the link below, be careful of all the download buttons. Choose the "Save file to your PC: click here" link and open the file. (not save)
    http://www.2shared.com/document/8dOC7v6E/actions.html
    2. Make sure that the user provided in the CUP connector has the access for connecting to RAR and it should also have the administrator rights of the RAR.
    Should the access be provided from the roles/actions from above?
    3. Make sure that the password of both the users given in the above points is not expired i.e. they have been reset in UME.
    You can check the same by once logging into the UME through that users. In case it asks for the password change, then the password is expired and you need to change the password and give the new password in the CUP.
    Should the password ever expire for this ID? I will double check on the password.
    4. The logon language of both the above users should be maintained in UME.
    I am not sure how to check this, please advise.
    5. Also check that the connector in the RAR is working and is able to connect to the backend SAP system.
    I tested the connection in CUP and connection was successful. How can I test the connection for RAR?
    Thank you in advance,
    Edited by: Eric Lau on May 17, 2010 6:41 PM

Maybe you are looking for

  • CONSOLIDATED LIST OF A MATERIAL

    Dear all, I want a transaction in MM for below scenario. My requiremnet is i hev a matcodes say 2000021569,2000021748,2000057811.....etc now i want list report like below mat code          total order qty        total rcvd qty         bal recvd qty  

  • Append swf file - Spry.Utils.updateContent - not work

    I don't understand this When I try to add swf file to Spry Tabbed Panels content - everything is OK. Now - in tabbed panels content I want to insert data from external html files. In this external file I have swf file and text, and images. When I pre

  • HT1349 How to format my hard disk and restart

    THis aftrnoon my system wouldn't start. a black screen with OS X utility. Now I want to format my hard disk and install  OS. X

  • Can't access CMC and infoview on BO edge series 3.1

    Hello gurus,         I have just installed BO edge series 3.1, immediate moment after installation, I can open CMC console, but after I 've done other operation on the computor, CMC can't open now, also I can't open infoview, error shows " can't esta

  • How to change layout in portal

    It's a very hard question to me.but may be easy to you. there are very limited layout in portal. but i need more userful layout ,may be 4 columns in layout How should i do if i want change the layout?