Risk Analysis with "ALL" systems

Gurus,
     I have a scenario where we have a rule set (not global) built on a logical system with 8 systems in it. We are trying to run the analysis with "ALL" systems instead of individual systems as we are hoping that the analysis will be performed only on the systems that are part of the logical systems. My understanding on how the risk analysis run may be wrong but I need a second opinion on my assumption. Please do let me know if any one needs more explanation.

Hi Varma,
The Risk Analysis System "ALL" is really all connectors and is not tied to the Logical System (LS). The LS defines which systems are applicable for the rules. If your LS has fewer systems than all the connectors, just keep in mind that this impacts the results.
Example:
Existing connectors = A, B, C, D, E, F (ALL = A-F)
LS-1 = A, B, D, F
Run the report for "ALL" systems/connectors and lets assume that every system has SOD issues. Your results would look like this:
A = SOD violations
B = SOD violations
C = "no violations found"
D = SOD violations
E = "no violations found"
F = SOD violations
You would either need to add C & E to LS-1 or create a LS-2 with connectors C & E and create/upload rules for LS-2. Then ALL would find SOD violations for connectors A - F.
Hopefully I didn't over explain the question. Short answer is system "ALL" = all connectors and there is no choice to run the SOD report based on a specific LS.
-Dylan

Similar Messages

  • AE 5.2 remote risk analysis with CC 520_640

    Hi,
    Can anyone please tell me if this scenario is possible.
    AE to do risk analysis in remote system by using CC rules defined in a central system.
    Eg. ECC system has mitigation rules defined for HR. ECC also has rules defined for Finance, MM etc
          AE 5.2 will connect to the CC (ECC system) when processing a request and check the HR rules for the  
          roles in AE to do a remote risk analysis before provisioning the access in HR box.
         ECC box has CC 520_640 - ECC 5.0
         HR box has CC 520_700  - ECC 6.0
          Is this possible at all? CC configuration parameters are enabled and defined to do a remote analysis.
          Risk analysis shows risks when a remote analysis is done in CC. But AE risk analysis shows no risks.
    Thanks

    Good question but quite confusing way to ask but anyways..
    As you said you are able to perform risk analysis in RAR/CC on the considered system (remote system as you mentioned) but not able to perform the same in CUP/AE
    from the symptoms It seems like the web service in AE for integration with CC to perform Risk Analysis is not configured.
    Please go to Configuration tab > Risk Analysis menu > Select CC version
    and enter the URL for the web service, it may be something like
    hostaddres:portno/VirsaCCRiskAnalysisService/config?wsdl&style=document
    or you can find it through following method.
    Go to Web Services Navigator (same location as for UME) and drill down to VirsaCCRiskAnalysisService and get the URL from there. Finally enter the URL on the above mention location.
    Then try performing the Risk Analysis on the considered system, if it is still not working and in case the web service is already configured and working for other systems let me know. We will think in some other direction.
    Best Regards,
    Amol Bharti

  • GRC 10 - Risk Analysis in legacy system

    Hi everybody,
    I have a problem with legacy connectors in GRC 10. I implemented the note 1594963. So, I created the legacy files and storage it in GRC server.
    When I run the user synch, the legacy connector only synch the first record.
    Someone can help me? Someone did implement a risk analysis for legacy systems?
    Regards,

    Hi  Claudio Ekel
    Can you share some inputs on the Legacy Risk Analysis.
    We have configured the Legacy Connector as per the note 1594963 ; Placed the files on the server & tried running Synchronization Jobs. But the data is not getting uploaded to GRC10 .
    We made sure that text files are in UTF-8 format
    Is it mandatory to load all the 11 files that are provided in the note 1594963? We have excluded the Profile related files
    Can you share a sample of Legacy file formats that you have used for the sync.
    Can you throw some light on what could be the possible issues for data not getting uplaoded to GRC10?
    Regards,
    Pavan Muthyala

  • Batch risk analysis over cross system

    Hi,
    I have the folllowing problems with batch risk analysis over cross system group (SP14) when I run the batch risk job over this group of connector:
    - The number of users analyzed are wrong in reports.
    - The last update date are wrong in reports.
    - The reports shows some risks with locked and expired users. For example I have 3 connector in a group and user A is not locked in connector 1 but locked in 2 and 3. The reports shows this A user in all the connectors included in the cross system.
    Does anyone have a similar scenario? How resolve it? Any tip is welcome.
    Kind regards,

    Hi,
    SAP solved my problems with the following notes:
    -1988650 - GRC 10.0: user analyzed for single & cross connector and SAP_ALL profile disappear for cross system in ad-hoc risk analysis.
    - 2028860 - AC10.0 GRACMGRISKD table shows riskid for riskcount zero
    Regards,

  • Risk analysis failed: ExceptionInvalid System

    Hi Gurus,
    When I am doing risk analysis in CUP for work flow request I am getting following error"Risk analysis failed: ExceptionInvalid System"
    And system log is as follows"
    011-12-18 15:52:02,729 [SAPEngine_Application_Thread[impl:3]_2] ERROR
    com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9940', Locale: 'en'
    com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9940', Locale: 'en'
         at com.virsa.ae.service.messaging.MessageFormatter.formatAsText
    (MessageFormatter.java:103)
         at com.virsa.ae.search.po.RequestHistoryPO.getDisplayString(RequestHistoryPO.java:112)
         at jsp_show_audit_info1323336819278._jspService
    (jsp_show_audit_info1323336819278.java:110)
         at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:566)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:190)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
    (RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.include
    (RequestDispatcherImpl.java:509)
         at com.sap.engine.services.servlets_jsp.server.jsp.PageContextImpl.include
    (PageContextImpl.java:163)
         at jsp_request_review1323336807965._jspService(jsp_request_review1323336807965.java:703)
         at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:566)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:190)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
    (RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
    (RequestDispatcherImpl.java:377)
         at com.sap.engine.services.servlets_jsp.server.jsp.PageContextImpl.forward
    (PageContextImpl.java:199)
         at jsp_request_review_controller1323336806543._jspService
    (jsp_request_review_controller1323336806543.java:18)
         at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:566)
         at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
    (JSPServlet.java:190)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
    (RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
    (RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service
    (AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
    (RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
    (RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service
    (AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet
    (HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest
    (HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet
    (RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet
    (RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer
    (RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle
    (RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at
    com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process
    (ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Thanks,
    Nayana

    Hi,
    Have you already checked this thread??
    Error on calling RAR from CUP
    Cheers,
    Diego.

  • AE 5.2 cross system risk analysis with CC 4.0

    Hi,
    We have an unique situation.
    We have CC 4.0 (central) set up in ECC system where the rules and risks are defined for systems such as R/3, HR and SRM
    We need AE to use this central CC system to do the risk analysis when an access request for HR or SRM is submitted in AE 5.2. Right now for a request to a HR system, risk analysis is being done in HR system where there are no rules and hence no risks are identified.
    Environment :
    CC 4.0 in  ECC 5.0 with VIRSANH RTA 520_640 Level 3 and VIRSAHR RTA 520_640 Level 2
    AE 5.2 JAVA in NW 7.0 SP level 2
    Risk analysis for Access requests to ECC system is done with out any issues and the connectors in AE are defined as well as CC 4.0 configuration for cross system is enabled.
    Please give your suggestions and also tell me if this below scenario is possible.
    Use CC 5.2 Java stand alone system and define logical/cross system to connect to multiple systems such as HR and SRM and use those specific rules to do the risk analysis.
    Thanks

    Hi RM,
    You can setup Risk Analysis inside AE Configuration.
    You can identify the level of risk analysis and specify the Compliance Calibrator version for processing risks.
    See the details from the AE Configuration Manual
    In the Select Compliance Calibrator Version pane, from the Version drop-down list, select the version of Compliance Calibrator.
    In the URI field, enter the appropriate URI address for the web services.
    In the User Name field, enter your User ID. Your User ID must have security access
    to web service.
    In the Password field, type your password.
    Select the Perform Org Rule Analysis option to perform org. rule analysis at risk
    analysis time.
    Note: There are two selectable versions of Compliance Calibrator. If you select 5.0 Web Service, three additional fields appear (URI, User Name, and Password). For the URI field, you need to navigate to the
    SAP NetWeaver Web Application Server Home page > Web Services Navigator > CCRiskAnalysisService > WSDLs > Standard link of Document, where you will see a list of all web
    services in the server. Select the desired URI address.
    If you select Compliance Calibrator 4.0, there is no need to connect to a URI address
    So the answer is YES, you can connect AE  5.2 with CC 4.0 for Risk Analysis.
    Hope this helps,
    Regards,
    Kiran Kandepalli.

  • Is it possible to conduct IT Risk Analysis with BPA?

    Hi, my company has been working for long with BPA. I have been required to conduct an IT risk analysis process. I wonder if BPA could be my choice, since I am not 100% sure BPA can do that. Does anybody have used BPA to perform a risk analysis?
    Thanks

    I am not 100% certain what IT risk analysis means, but you might want to explore the BPA simulator to see if it meets your needs.

  • GRC AC 10.1 - Risk Analysis: No rules were selected

    Hi All,
    I'm currently configuring the ARA module in GRC AC 10.1, and an facing this issue. When I run my User Analysis, its throwing an error message "No rules were selected'.
    As per your suggestions from discussions, i double checked all the below activities
    Activate the BC sets
    Run Sync Jobs
    Run Batch Risk Analysis
    After all this I found that the functions are not mapped to the logical groups(Back-end Systems) I have defined. Can you please let me know how to make sure you have correct back end system(logical Group) updated for the functions in the setup? Doesn't the configurations Connector/Connector Groups etc already mapped the functions to the back-end system? It would be a hell of work to do all the system mapping on function level manually.

    Hi Narsimha
    You need to map your connectors to the logical systems that are used in the function definitions
    Look at your integration framework Setup in the IMG.
    Governance, Risk and Compliance > Common Component Settings > Integration Framework > Maintain Connectors and Connection Types
    Also, for 10.1 there was an issue with logical systems. It may be that your configuration is correct: Re: GRC 10.0 SP14 - Poblems when generating rules for logical systems
    Regards
    Colleen

  • Faield to run Batch Risk Analysis BG JOB in RAR

    Dear Expert,
    While doing batch risk analysis (Including all User/Role/Profile  Action and Permission level analysis with Management Report), often we are getting the following error , that we found from the log.
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
    WARNING:  Job ID:188 : Failed to run Risk Analysis
    java.lang.Exception: Cannot extract data from system (ECQCLNT360); for more details, refer to ccappcomp.n.log
         at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:118)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1104)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:297)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1047)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1369)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:321)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchRiskAnalysis
    WARNING: Error: while executing BatchRiskAnalysis for JobId=188 and object(s):T-EQ462534: Skipping error to continue with next object: Cannot extract data from system (ECQCLNT360); for more details, refer to ccappcomp.n.log
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.bg.BgJob updateJobHistory
    FINEST: --- @@@@@@@@@@@ Updating the Job History -
    2@@Msg is Error while executing the Job for Object(s) :T-EQ462534:Cannot extract data from system (ECQCLNT360); for more details, refer to ccappcomp.n.log
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
    INFO: -
    Background Job History: job id=188, status=2, message=Error while executing the Job for Object(s) :T-EQ462534:Cannot extract data from system (ECQCLNT360); for more details, refer to ccappcomp.n.log
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
    INFO:  Job ID:188 : Exec Risk Analysis
    Feb 7, 2009 8:32:23 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO:  Job ID:188 : Analysis starts: T-EQ462535
    Feb 7, 2009 8:32:24 AM com.virsa.cc.comp.VirsaXSR3_02Interface execute
    WARNING: VIRSAXSR3_02: Cannot execute BAPI AuthForProf
    com.sap.tc.webdynpro.modelimpl.dynamicrfc.WDDynamicRFCExecuteException
         at com.sap.tc.webdynpro.modelimpl.dynamicrfc.DynamicRFCModelClassExecutable.execute(DynamicRFCModelClassExecutable.java:107)
         at com.virsa.cc.comp.VirsaXSR3_02Interface.execute(VirsaXSR3_02Interface.java:279)
         at com.virsa.cc.comp.wdp.InternalVirsaXSR3_02Interface.execute(InternalVirsaXSR3_02Interface.java:1341)
         at com.virsa.cc.comp.wdp.InternalVirsaXSR3_02Interface$External.execute(InternalVirsaXSR3_02Interface.java:1376)
         at com.virsa.cc.comp.BackendAccessInterface.executeBAPIModel(BackendAccessInterface.java:3393)
         at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:407)
         at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.executeBAPI(InternalBackendAccessInterface.java:4692)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:213)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:105)
         at com.virsa.cc.xsys.meng.MatchingEngine.getObjActions(MatchingEngine.java:770)
         at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:112)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1104)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:297)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1047)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1369)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:321)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Could you please let me know why does it happening ? During installation of the system I have done Performance Optimization according SAP Notes. Instead of this again and again we are facing this problem.
    But If I do Batch Risk Analysis One by One, let say First we have done User Analysis with Mgmt Report next has been done Role Analysis then profile, according to that we got the successfull result.
    Thanks & Regards
    Pavel Das
    PwC India
    +919874886293

    Dear Alpesh,
    Good to hear you from sdn.
    Yes, It works properly when I have scheduled some of the profile and some of the Roles along with Management Report.
    It does not work when I have shecduled all the Roles and Profile together.
    So what would be your suggestion for Batch Risk Analysis ?
    Thanks
    Pavel

  • Risk Analysis in GRC 10.0

    Dear Experts,
    I have configured RAR in GRC 10.0. Sync jobs are successful. Batch risk analysis is sucessful.
    But when I tried to run a User/Role risk analysis I am not getting any result. I am not sure whether system has run risk analysis or not but I get the confirmation screen with blank result table. Please advise how to fix this issue.
    I appreciate your help.
    Thanks,
    Raj

    Hello Raj,
    Check the below points related to risk analysis
    1.check once the parameter id in configuration settings
    2.BC set activation
    3.while running risk analysis check backend system name and connector which is configured.

  • CUA and Risk Analysis

    We have installed GRC 5.3 AC and using it with CUA. Connector names are same as names in CUA.
    While doing Risk Analysis for user in Master system, it shows violations. For same user, when I do risk analysis in child system (which has same roles) it does not show any violations.
    Are we missing anything?
    Thanks,

    Thanks,
    I checked those notes but it talks about Analysis from CUP where as I'm currently looking into Risk Analysis from RAR only.
    I checked with another user-id with different roles but it shows violation in both Master and Child system. Wehre as earlier user-id still shows violation in Master system only even though roles are same in both systems.
    So, i suspect some of rules are not generated (i ran rule generation again).
    Is there any way to check/generate rules for particular system?

  • GRC_10 Risk Analysis Report

    Hi,
    i should extend the risk analysis report with more details from diffrent tables, they hold special role details.
    I havent found an idea how to do this.
    Could i extend the standard report for risk analysis with more columns?
    Is there something like user.exits or enhancement-points?
    thank you very much indeed
    best regards
    Alex

    Hi Alex,
    did you have a chance to look at standard SAP Help information about different types of reports and information available?
    If not yet -please take a look at:
    Risk Analysis Reports - SAP GRC Access Control - SAP Library
    What exactly information you would like to add to reports?
    Standard reports can by customized by adding some additional fields which are hidden in standard view.
    There is also an option to add custom fields and data,
    Lets us know,
    Filip

  • CC 5.2 - Risk Analysis on existing roles

    Hello,
    When I submit a change request via AE 5.2 in order to add a role to an existing user,
    does CC 5.2 perform the risk analysis to the user corresponding roles (existing roles + new one) or only for the role to be added?
    Thank you for your answer.
    Abderrahim

    Hi Abderrahim,
    Yes. It will perform a risk analysis with the existing roles + newly added role. You should enable this in the CUP.
    Go to Configuration --> Risk Analysis -> Set the default risk analysis level.
    Regards,
    Raghu

  • AE 5.2 - Risk Analysis problem

    Hello,
    I am facing an issue with AE 5.2. When I create a request to assign roles and perform Risk Analysis, I get some SOD violations messages.
    I copy the some assigned roles and paste them in CC 5.2 -> Informer -> Risk Analysis -> Role Level and I have no conflict!
    Can you please advise why I have conflict with AE and not with CC?
    Thank you very much indeed,
    Cheers,
    Abderrahim

    Hello,
    In fact, It was only a false positive issue because:
    In CC I perform a risk analysis with Permission Level option.
    However, I get risk violation in AE with Critical Transaction for the same role.
    The right way is to run risk analysis in CC with Critical Actions.
    Thank you for your collaboration.
    Regards,
    Abderrahim

  • Risk Analysis at user level shows nothing in all 3 views though at role level shows risks of global rule set

    I am configuring ARA 10.1 for a ECC 6.0 plug in development system and facing this issue. Risk Analysis at user level shows no data  in all 3 views though at role level shows risks of global rule set. I am using Global rule set. I generated all risks/functions & using connector group as SAP_ECCS_LG not SAP_R3_LG.I activated common, R/3 & ECCS BC sets. Added integration scenario for AUTH. Run all 4 sync jobs multiple times successfully. My system already has decentralised EAM 10.1 implemented & even used in production as BAU. I have checked at both chrome & IE. The misleading thing is that RFC is also working fine & I can see risks in Risk Analysis at role level & risky roles are even assigned to valid users.GRC is at SP4 & accordingly is the ECC 6.0 plug in. Thanks in Advance. Please  consider it urgent.

    Hi,
    Assign ECC connector to SAP_ECCS_LG group.
    Run the programs GRAC_PFCG_AUTHORIZATION_SYNCand GRAC_REPOSITORY_OBJECT_SYNC) in full synch mode(this might take time so better do this in background). Better do it sequentially.Check the logs of the jobs in SLG1 just to ensure everythings fine.
    Run ARA for a specific user and mention the connector for faster output. Ensure this user has the role with risks.Also as explained earlier check the GUID against user id in table GRACUSERROLE and using GRACROLE you can find out the technical name of the role updated in the table. This should be same as the backend role.
    Then run ARA and while doing so please ensure the selection screen doesnt have any unwanted default inputs. If followed correctly , this should be of help.  I am assuming the role analysis yielded correct risks as configured since this would mean that connector have correct actions and basic config is in place.
    Regards,
    Vivek

Maybe you are looking for

  • Can post Journal at the parent level?

    Hi, Can anyone tell me how to post a journal at the parent entity level? In consolidation, we often do some adjustments at corporate level, how to archieve that via journal? Thanks a lot! Maggie

  • IPod touch 4th gen won't sync with itunes

    I have an ipod touch it's under 2 months old and when I went to add some more music onto it earlier this evening it wouldn't sync so I tried restoring it and now I'm left with an iPod that won't sync with itunes Someone please help. I use windows xp

  • Mitigation assignment approval in Access Request Workflow

    Hi Guys, I am currently implementing GRC for one of the clients. I have a question with respect to Mitigation assignment approval in Access Request Workflow. Below is the Scenario, 1) User Submits the request 2) Manager Approves 3) Role Owner runs th

  • My Ipod wont respond to my itunes

    I'm aware that there are many different ways to fix this problem. I talked to a Apple advisor and he told me that i should delete everything that has to do with apple off my computer, restart it and then reinstall it. I tried( didnt work) I just upda

  • Quality of imported Digital 8 video on MacBook

    Now that I have successfully imported 10 minutes of Digital 8 content via Firewire to my MacBook (2 GB RAM), I notice the quality of the image in the MacBook is substantially less than that on the camera. Q.Is this a function of the amount of data fi