Risk and treasury

Similar Messages

• View change documents for risks and functions

  Is there a way to see what changes have been made to risks and/or functions?  Our SOX group would like to monitor the changes that have been made, who they've been made by and when.  Currently we can go into the individual functions and risks and look at the "Change History" but not sure if there was a way to see a massive list?  Possibly a table that we can pull?
  Thanks for any help!
  Elizabeth

  Hello Elisabeth,
  unfortunately in 5.2, you will have to go to the individual functions.
  5.3 will have a one-click overview for risk/function changes, as well as configuration changes.
  Frank.

• What is the risk, and how to detect, Trojan infection with Flashback/Flashfake? (PowerMac G5 OS X 10.5.8)

  What is the risk, and how to detect, Trojan infection with Flashback/Flashfake? (PowerMac G5 OS X 10.5.8)

  Hey Kappy, without even looking I can tell you anything is better than the GeForce4MX cards, but see
  See japamacs page here on the best AGP cards for G4s & G5s...
  http://www.jcsenterprises.com/Japamacs_Page/Blog/4B4B7BA2-7ABB-47F1-87AC-B03D379 42BEE.html
  Rated slowest on top, fastest on bottom, hopefully japamac will drop in shortly.
  Oh, & they need way more RAM...
  http://www.everymac.com/systems/apple/powermac_g4/specs/powermac_g4_933_qs.html
  http://eshop.macsales.com/MyOWC/Upgrades.cfm?sort=pop&model=155&type=Memory

• ARQ: Problem with Mitigation of a Risk and Request Rejection at the same time???

  Hi All,
  I have configured my workflow in such a way that, when a request reaches a certain approver (who is authorized to mitigate), he has following options available (we have configured this way):
  1. Submit the Request: This will simply approve the request. But I would NOT want him to approve the request if it has violations. First he should mitigate the risks and then approve the request.
  May I know how I can do it? Is this the correct process?
  2. Reject the Request: If he is not ok, he can reject the request. I am ok with this and no action is required.
  3. Forward the Request: If he needs any business clarifications, he can forward the request to the user's manager before mitigating and approving the request. This is also ok for me.
  4. Mitigate the risk: If a request has risk violations, he can mitigate the risks  by clicking on "Mitigate" button on "Risk Analysis" tab.
  Here is the problem I see. The straight forward what he can do is, mitigate the risks and then approve the request (Submit). However, there is one more option with him and that is, he can mitigate the risks and then changes his mind to reject the request!
  If he rejects the request (after mitigating the risks), the mitigation which was done before, is not "UNDONE". Meaning, that user is mitigated though the request is rejected!
  This is very confusing and this way users are simply mitigated for no reason!
  May I know below things:
  1. What is the best way or practice to mitigate risks in a request?
  2. How above explained problem (for point#4) can be addressed?
  3. How I can stop approving a request if it has violations?
  Please advise on this.
  Regards,
  Faisal

  Hi Faisal,
  I try to answer your question (as always ).
  You can configure that at a specifc stage the approver cannot approve if there are risks. Therefore modify the task settings for all the stages and allow/disallow "approve despite risk". For all stages where approval can be given (like role owner stage) you can activate the button so that it is possible to approve even though risks are coming up.
  To make this setting workable you have also to set parameter 1072 (Mitigation of critical risk required before approving the request) to YES.
  Regarding the mitigation which was set but is obsolet after rejection. There is actually a simple way to remove invalid controls. Run the risk analysis and gather information for "Invalid Mitigating Controls".
  In the result you have the option to change or delete the mitigation.
  Does this answer the question(s)?
  Regards,
  Alessandro

• Removing risks and violations in existing SAP Landscape

  There is a landscape where SAP ECC is already installed and we are planning to install AC 5.3. As the roles are already there in ECC Dev system, so we will perform the risk analysis in Dev and once free of risks, move the role to Production. 
  I would like to know, from where to start in already existing sap roles structure to free up them from risks. Do we need to provide the business process roles to indiviual BP Owners like FI roles to FI team and same for others to clear the risks and violations.  Once completed from them, run them in RAR to found any risk violations remaining. If still found, follow the same process till all the roles and clean and can be moved to production.
  Do we need to start from transaction level?
  Any help appreciated.
  Regards,
  Sanjay

  Sanjay,
  there are various ways to achieve that and many replies are already there (pls search similar threads)
  well small summary will be
  1. customize standard rules per your org requirement
  2. role are already existing, hence i expect they were create business wise
  3. run analysis on all the role and have a report in your hand
  4. discuss with various security leads of each buisness, which risk wish to be removed and which one to be mitigated
  5. once done with cleaning of role, it's time you run analysis on users and mitigate or clean...........
  hope it helps
  regards,
  Surpreet

• I cannot get the Quicktime plugin to update from v7.7.3 to the CURRENT 7.6.6 . My plugins view tells me I'm at risk and need to update but try as I might, it won't take. I consider myself and above average Mac User. Please advise. Thank you

  for some inexplicable reason, I cannot get the Quicktime plugin to update from v7.7.3 to the CURRENT 7.6.6 . My plugins view tells me I'm at risk and need to update but try as I might, through all the known update avenues, it won't take. I consider myself and above average Mac User. Please advise. Thank you

  Someone recently noted a problem staying logged on the Huffington Post since it became connected with AOL. The workaround for that is to change your connection setting here:
  orange Firefox button (or Tools menu) > Options > Advanced > Network
  Click the "Settings" button and choose either "No Proxy" or "Use System Settings" option, and OK the change.
  Not sure whether Washington Post could be affected by that same setting.
  In reviewing your extensions, I'm puzzled that you have both DoNotTrackMe and SavvyConnect. The first one seems to aggressively block certain communications with websites (potentially affecting functionality) while the second one seems to report on your browsing habits (they better pay well is all I can say). Have you tried disabling both of those to see whether that has any effect?
  orange Firefox button (or Tools menu) > Add-ons > Extensions category

• Oracle Service Cloud Achieves Federal Risk and Authorization Management Program Provisional Authority to Operate

  News Summary
  Oracle Service Cloud -- a software-as-a-service (SaaS) solution -- has received a Federal Risk and Authorization Management Program (FedRAMP) moderate provisional Authority to Operate (p-ATO) from the Joint Authorization Board (JAB), comprised of the Chief Information Officers (CIOs) of the U.S. Department of Homeland Security (DHS), U.S. Department of Defense (DOD), and U.S. General Services Administration (GSA).
  News Facts
  Oracle announced that Oracle Service Cloud -- a software-as-a-service (SaaS) solution -- has received a Federal Risk and Authorization Management Program (FedRAMP) moderate provisional Authority to Operate (p-ATO) from the Joint Authorization Board.
  The Oracle Service Cloud is Oracle's premier Software as a Service (SaaS) solution providing the industry's best in class customer service platform for enterprise customers. Oracle customers can deploy Oracle Service Cloud onto a robust, secure infrastructure hosting Oracle's patented customer experience (CX) software applications in an environment accredited to FedRAMP-moderate specifications.
  Oracle Service Cloud has been granted a p-ATO by the FedRAMP's Joint Authorization Board (JAB), the primary governance and decision-making body for the FedRAMP program. A JAB p-ATO provides a government wide view for security and stringent review by the JAB Technical Representatives from the DHS, DOD, and GSA. As a result, government customers can save time and money by leveraging Oracle's JAB approval to grant their own authority to operate without having to go through a full certification and accreditation.
  The rigorous review of Oracle's environment was completed by an accredited third-party organization at the FedRAMP moderate baseline level, for a SaaS offering using a community deployment model.
  Supporting Quotes
  "Oracle is very excited to announce the Service Cloud p-ATO as we continue to work towards meeting our public sector customers' demands for a highly secure, robust suite of cloud solutions built for government," Aaron Erickson, Director of Government Innovation, Public Sector North America, Oracle.
  EMarkets Daily
  Executive Biz
  FCW.com
  Markets Daily
  Tech Taffy
  Business Week
  CNN
  Congoo
  Yahoo Finance

  Have you checked the docs? There are some specific docs for enabling security like http://docs.oracle.com/cd/E18941_01/tutorials/jdtut_11r2_29/jdtut_11r2_29.html
  which guide you through the process.
  Timo

• Project Risk and Issue link in PDP

  Hi ,
  I need to create issue item in a PDP with the New item form.
  In my organization people don't want go another page for creating issues , risks and deliverable.
  How to integrate with these item in a PDP or how to put direct link for create new item in a PDP.
  Another PDP they need to show the created items also .
  Is there any way to do this scenario?

  Hi,
  You will find below 2 blogs with the procedure for displaying risks and issues lists in a PDP.
  http://nearbaseline.com/blog/2015/03/project-site-risk-list-in-a-pdp-webpart-2013-version/
  https://pwmather.wordpress.com/2014/04/11/want-to-see-risks-and-issues-on-a-projectonline-projectserver-project-detail-page-ps2013-sharepointonline-sp2013-office365-javascript-jquery/
  Hope this helps,
  Guillaume Rouyre, MBA, MVP, P-Seller |

• I want some project ideas for the theme: 'Risks and Benefits'

  My high school organizes a C# contest on the theme 'Risks and Benefits', and we have to anticipate what they can give us to do.
  I would appreciate some ideas!
  ...Sorry if I put the question on a wrong forum...

  Hi OVlad,
  Actually this forum is to discuss VS IDE, so I’m afraid that it is not the correct forum.
  In addition, the specific language development forum are discuss the issues when you develop apps, so if you want to develop an app or you want to get the whole demo, I’m afraid that it is out support the language development forum, but if you get any code
  issues when you create the app, you could post this issue to these forums like the C# forum here:
  http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=csharpgeneral
  Anyway, since it is not the VS IDE issue, I will move this thread to the off-topic forum. Thanks for your cooperation.
  Best Regards,
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Where can I download EGRCM8.0(Governance, Risk and Compliance Manager)

  hi all, i would like to know where I can get EGRCM 8.0(Enterprise Governance, Risk and Compliance Manager)? i can't find it in the Download page.

  Have you tried http://edelivery.oracle.com ?
  HTH
  Srini

• Clarifying the need for Governance Risk and Compliance in Defense

  Since Defense organizations must deal with managing internal compliance efforts and are continually challenged to provide clear evidence of internal controls to stakeholders (executives, legislators, constituents) I beleive there is a need by these organizations to leverage governance, risk and compliance solutions that can help them manage these activities...
  I want to put out a call to the community to see where you may see the need beyond the areas I mentioned above for governance, risk and compliance in Defense

  Hi Dante,
  You are correct; showing compliance is a key driver behind Defense organizations choosing GRC products.  However, your question isn't as easy as providing you with a list of standard reasons for investing in GRC.  What is required is an understanding of each discipline; Governance, Risk and Compliance, and translating these areas into real business scenarios for the customer.  In your example, Compliance is only one aspect in GRC. The Public Sector is open to discussions on Governance and Risk as well.  These organizations establish strategy/policy just like the private sector (Governance), and need to use tools/practices like Risk Management to identify and address threats to their objectives.  Hope this helps.  Dan

• Documentation for  Governance Risk and Compliance Applications Suite

  Hello,
  Can someone please point me the location where to download install guide of Governance Risk and Compliance Applications Suite.
  I check http://www.oracle.com/technology/documentation/grccs.html but download page takes me to a blank page.
  Thanks.

  Pl check again - your link takes me to the doc website without issues
  HTH
  Srini

• Risk and Controls in SAP ISU - auditing.

  Dear All,
  Could anyone advise what the Key Risks and the Key Controls are in SAP ISU, what the touch points are in the Business Process or point me in the right direction. I would like to do an audit for ISU like I have undertaken in Security and Basis. Is there a risk and control mix? (Not SoD)
  Kind Regards
  Camran

  Here are some points:
  1) Verify FICA with FI
  2) Verify FICA with BW
  3) Verify Billing with BW
  4) Verify Invocing with what has been printed
  These are not standard ISU reports therefore they need to be developed. Usually they are developed using SAP Script based on the audit particular requirements.
  Hope it helps,
  Daniel Toba
  [www.sap-isu.net|www.sap-isu.net]
  sap isu community

• Amend Risk and Issue fields

  Hi
  Wonder if anyone can help, we have just subscribed to Project online and I need to customise some of the screens to take into account our Risk and Issue requirements.
  I have been looking around and I can edit a project Risk and Issue columns but not sure how I edit the default risks and issue tables so it can be applied to all projects?
  Any help greatly appreciated.
  Regards
  S

  Hi Sean,
  To do this, you have to customize a new project site, save it as a template and associate it to an Enterprise Project Type. It will be applied to all new prject site.
  Here is an excellent blog that gives the procedure:
  http://www.prasannaadavi.com/2013/05/customizing-project-site-template-in.html
  PS: I changed your discussion into a question.
  Hope this helps,
  Guillaume Rouyre, MBA, MVP, P-Seller |

• Enhancing Risk and Control Matrix Report

  Hi All,
  I have added 2 field in the subprocess(Central Subprocess and Local Subprocess). I need to add these add 2 new columns in the Risk and Control Matrix. I have done the configurations and two new column is added in the report. But these columns are coming as blank that means no value is coming. Both columns are blank where as value is there for those two field in subprocess.
  Where am I missing. I am struggling hard but unable to do this.  Please help if me if you can. Help will be appreciated.
  Thnaks.
  Gourab

  Hi chesternut,
  According to your description, you want to create a matrix with different background color based on the value in textbox. Right?
  In Reporting Services, matrix generate columns based on the column group. In this scenario, if you want to specify different background color of textbox, you can use switch() function to set it. Please refer to the expression below:
  =Switch(ReportItems!textbox.Value>0,"Red",.......,ReportItems!textbox.Value=0,"Green")
  Reference:
  Expression Examples (Report Builder and SSRS)
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou