SAP GRC PC 3.0 - Report Center (Webdynpro) dump

Similar Messages

• SAP GRC 10.0 on ECC

  Hi Guys,
  We are planning on implementing SAP GRC 10.0. Our Basis guy has suggested that we can use ECC (EHP 6) box for installing the add on(GRCFND_A) component for it. The reason for this is to avoid adding another system to the landscape and to reduce the cost of implementation
  Are there any known issues using this approach?
  Thanks in advance,
  Silver

  Hi
  the GRC project is totally IT driven.
  I get why you are having to drive this - especially when you have to respond to audit requirements and your focus is on support processes.
  However, GRC is all about business risk management - Governance, Risk and Compliance (well internal controls). The GRC System is just the tool to manage this. Without business buy in how is this going to be successful? Who will review business process to determine what a risk is? Who in a senior leadership position will determine what risks are acceptable? Who will determine appropriate controls, report on them, and more importantly enforce them? Who in a leadership position will champion the project and support why a user must work a certain why (including access removed from them)?
  I get that you are focussing on a POC and trying to minimise cost but what happens post POC? I've given recommendations where I've said don't put in GRC until you sort your process and culture. I've done this as much as the innner techy in me knows I won't get to play with a new toy because without all the business buy-in you will have a system built and deployed that gives you a false sense of security when it comes to managing access controls.
  Another way to look at the SP issues - what happens if it's on ECC and the functional team (aka the business representatives) demand an SP increase for their functionality? They proceed to increase SP and now your functionality stops working.. which then impacts the business as you can't process their access requests and give them timely access to the system (assume this is your business case). Are your basis team going to tell the business that they can't have the SP stack increase because IT needs the system on a certain level and they need to wait until next time it's compatible?
  Good luck with your POC. I understand it will allow you to use the tool and check what will work for the business. If you are still undecided on system landscape post POC, take care in having that decision made for you. As you go down the POC path and time runs out the project may move from POC to design/build and now that it's working there will be reluctance to move it to a separate system.
  Regards
  Colleen

• Mitigation in SAP GRC AC

  Hi all,
  Two questions regarding mitigation in SAP GRC AC:
  1)
  Reading through the forum, we have seen that if monitor does not execute the report (action) within the frequecny set and alert is generated. Are these alerts sent out to the mitigation controls' approvers automatically or need to be triggered by executing alerts generation with mitigation flags set?
  2)
  If WF  is set and appropriate configuration is set in RAR, approver activities in CUP are approval for mitigation control maintenance and mitigation control assignment. Is this correct?
  Thanks in advance. Best regards,
    Imanol

  Hi Imanol,
     Here is my response:
  1) Reading through the forum, we have seen that if monitor does not execute the report (action) within the frequecny set and alert is generated. Are these alerts sent out to the mitigation controls' approvers automatically or need to be triggered by executing alerts generation with mitigation flags set?
  You need to go to Alert Generation -> Select Generate Alert log, Control Monitoring under Action Monitoring and Alert notification.
  2) If WF is set and appropriate configuration is set in RAR, approver activities in CUP are approval for mitigation control maintenance and mitigation control assignment. Is this correct?
  Yes, that is correct.
  Regards,
  Alpesh

• Drill Down report using Webdynpro

  Hi Guys,
  Is it possible to develope a drill down report in Webdynpro?
  If yes, can somobody direct me to any tutorial for creating Drill Down Webdynpro Report.
  I need to convert an ABAP drill down report to Webdynpro Drill Drown.
  Thanks,
  mini

  Hello,
  Yes, it's possible, using the linktoaction element please see this: [/people/david.halitsky/blog/2006/09/22/learning-what-you-dont-need-is-as-important-as-learning-what-you-do-parts-10b-c-of-event-driven-tutorial-on-wdrtestuielements] and [https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/db22242d-0701-0010-28a2-aeaa1fefd706].
  Regards.

• SAP GRC Access Control - Compliance Calibrator - License Cost

  Dear all,
  I have some questions on Compliance Calibrator implementation.
  1. Do  we have to pay additional cost for the license to implement Compliance Calibrator?
  2. Since SAP GRC 5.3 is just released, which one do you recommend? SAP GRC 5.2 or 5.3?
  3. What would be the major difference between Compliance Calibrator in GRC 5.2 and 5.3?
  Best regards,
  Rolando

  Hi Rolando-
  1. Yes, there lies some license cost and the amount should not as much as taking SAP R/3 license. I am not sure of exact amount but its nominal as compared to other SAP products.
  2. SAP always recommend for the latest version available and why not one would go for latest version if you are paying something for that.
  Also, it depends on your existing R/3 version and its compatibility. In short run, you can choose per your existing versions but in long run everyone has to move to latest version. Say for example whoever is using SAP R/3 technology with whatever version, they all need to upgrade to ECC6.0 by 2011 with extension upto 2013. I am not sure of any such information about GRC AC though.
  3. Some enhancement have been done with CC 5.3. Those features include-
  1. Risk analysis for SAP Enterprise Portal and UME
  2. BI integration for custom reporting
  3. Reporting enhancement features include additional auditor, business manager and IT reports
  4. SOD management by exception. Can be integrated with workflow.
  5. Import/Export of configuration data
  6. Migration scripts
  7. Download and print capability on every report.
  Some performance improvements-
  1. Concurrent risk analysis.
  2. batch mode risk analysis
  3. Improved memory mgmnt etc.
  Hope it gives you now some more visibility.
  Cheers!
  Ashok

• SAP GRC AC 5.3 RAR Background jobs are cancelled

  Hi Experts,
  we have newly implemented theS AP GRC AC 5.3 RAR  Help me in troubleshooting the Background jobs cancellation in SAP GRC AC5.3 RAR.. we have reported this issue to customersupport they asked us to upgrade the front end  patch level to Sp15, even we upgraded still i have the same problem.. later we upgraded the backend patch  according to the SAP Note. still the problem is not resolved.
  Latest recommendation they are asking us to uninstall the SMD agent.. and also my java control.exe is showing yellow color
  help me how to resolve the issue.??
  Edited by: n.s.k mohan on May 10, 2011 6:21 AM

  Hi,
  Could you please first change RAR log settings to Java logger then take a restart of the system. After that log for your background will start coming in RAR. Then schedule the job if it fails then paste background job log here.
  Also, in future, please raise GRC related issue in GRC forum so that you can get more replies.
  Thanks
  Sunny

• SAP GRC AC 5.3 integrated with BW

  Hi all,
  Has anyone of you implemented integration between SAP GRC AC 5.3 and BW and develop custom reports?
  Thanks in advance. Regards,
     Imanol

  Imanol,
  There is documentation available for the integration.  You can find that here:
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e05a9879-d204-2c10-54a9-ebc94eaddc4e?quicklink=index&overridelayout=true
  Also, there are numerous pre-delivered queries already developed.  However, if you wish to develop your own reports, then you will need a BW resource to do so.
  Pre-delivered queries:
  For RAR:
  Alert Detail Listing
  Alert Header Listing
  Critical Action Violations by User
  Critical Role Viols Analysis with Long Portal IDs
  Current User Permission Risk-Perm Violation Analysis Breakdowns
  Current User Permission Risk Violation Analysis Breakdowns
  Management Summary Total Listing
  Mitigated Users Analysis
  Risk Long Descriptions
  Risk-Rule Set Relationship Listing
  Role Permission Risk Violation Analysis
  Role (Portals) Permission Risk Violation Analysis
  Supplementary Rule Detail Listing
  Supplementary Rule Header Listing
  User Permission Risk Violation with Functions
  User Permission Risk Violation with Remediation by User
  User Permission Risk Violation with Remediation by User (Top 10)
  User Permission Violation with Remediation by Risk
  User Permission Violation with Remediation by Risk (Top 10)
  For CUP:
  Access Requests
  Risk Violations
  Role Provisioning
  Service Levels
  SOD Review
  User Access Review
  User Provisioning
  Thanks!
  Ankur
  SAP GRC RIG

• Upload of SU24 Auth. objects in SAP GRC AC 5.3

  Hello,
  We are in process of SAP GRC AC 5.3 implementation, and our SAP System is not updated to SU24 (Authorization objects), in which USOBT_C is populated.
  In GRC AC 5.3 Pre-implementation checklist, it is mentioned about the above, being necessary.
  If the SAP System is not updated to SU24, then what is the other way, to upload authorization objects in RAR Post-Install Steps, after we have already completed SAP GRC Tools ( all the SCA files) install and backend RTA installation?
  Thanks!

  hi
  1. Create file (automated via batch job) from SU24 (report /VIRSA/ZCC_DOWNLOAD_SAPOBJ)
  ==> SA38 --> Background --> create a variant where you fill out the value for the server + filename (no extension needed for filename) --> schedule periodically
  2. convert to UTF-8 format (how can this be automated?)
  --> not necessary ; in my system it is UTF-8 by default
  3. upload periodically into RAR via background job (from AIX based file system !)
  --> configuration tab --> upload objects --> permission --> choose system --> leave local file blank and fill out server location (drive letter) --> click background and schedule the job daily. This is not a heavy job, therefore daily.
  Sam Szafranski
  Senior Consultant
  axl & trax

• CAreer in SAP BASIS comaprision with SAP GRC/Security

  Hi Everyone,
  I am an SAP BASIS consultant with 2 years of experience working in a MNC company,
  I want to change my career to SAP GRC/SAP Security, i have some basic knowledge on SAP Security,
  COuld you please advice me, which one to choose,?
  Does  SAP GRC/Security has demand , and can we get oportunities to work abroad compared to SAP BASIS ?
  which one has more scope SAP BASIS or SAP Security/GRC ?
  Because in BASIS, i am not getting enough scope to work on some good things like Installation, upgrades, Migration,
  i am doing a very basic kind of work like tranports, job scheduling, monitoring, and other small activities ?
  So request you people to advice me ?
  <removed_by_moderator>
  Read the "Rules of Engagement"
  regards
  Rakesh  Rao
  Message was edited by: Juan Reyes

  Hi Rakesh
  I saw your post in GRC and was waiting of it to appear here
  First up - 2 years is still junior. You may find batch jobs, transports, monitoring, etc all mundane but it is a foundation and learning ground work and foundations to being a good Basis Administration. And one things for sure, an awesome basic (I name my best-techy-friend) makes a huge difference on project timelines and deliverables for the rest of us.
  Installation and Upgrades come with time. Whilst still performing junior tasks you could focus on reading up on approaches in case an opportunity in your job comes us and be prepared to prove to your management that you are ready for a bigger responsibility.
  Switching to GRC/Security would be pointless unless you have a desire to learn GRC or Security. These are my background and they are undervalued until things go wrong (insurance policy in a way).
  If you do switch you will reset your 2 years of domain experience back to 0 and you will start off with password resets and basic user administration
  It takes time to work through the ranks. It was 3 years before I got to build my first role. I spent my first few years in security on email chasing approvals, password resets, user account creation, running reports for audit - sounds familiar to what you are doing now?
  You have to master the basics before you are trusted and ready for the more complex activities. By knowing what you are doing now you will be more successful when the time comes to step up and do migrations, upgrades and installations. Support production by mastering you technical analysis skills is how you can break through being a fresher/junior
  Regards
  Colleen
  Ps - if your motivation is more than "good things" happy to answer questions specific to security and GRC.
  Also, boring doesn't mean it can't get interesting nor does it mean it's a worthless activity: SPAU transport imported before patching!!
  Message was edited by: Colleen Lee
  Added link for when transports go bad

• Enterprise Risk Management Approach in SAP GRC

  Hi All,
  Can you please let me know  as to what is the approach followed for implementation of  Enterprise Risk Management (ERM) in SAP GRC.  Also please tell me how the internal control frameworks like COSO, COBIT is mapped to ERM in SAP GRC.
  Regards
  Vivek

  Dear Vivek,
  While assigning roles to users, you will be displayed the risks that are identified with those roles, if any. You can either mitigate or remove the roles.
  The process covered by GRC Risk management includes the following steps:
  -Risk Planning: Determines the approach to risk management in each business area or project. This includes setting up the risk management organization and defining risk thresholds . This phase is partially supported by a software application.
  -Risk Identification and Analysis: Identifies the risks in order to analyze and prioritize them along different attributes, such as probability of occurrence and potential total loss associated to the risk.
  -Risk Response: Decides on actions needed to respond to a risk. One action could be to actively mitigate the risk to reduce probability of occurrence and/or potential impact.
  -Risk Monitoring: Includes the regular update of risk information and the risk reporting to monitor progress along the risk management process.
  The Risk Management application provides a set of different reporting capabilities based on the individual needs of the target groups:
  -A set of built-in reports that are delivered with the application. These reports allow risk managers to review the current risk state.
  -Visual Composer based dashboards that provide information about the current risk status on an aggregated basis. The dashboards fulfill the risk reporting needs of senior managers and line managers.
  Step 1: You maintain the Risk structure
  1. You set up the organizational hierarchy
  2. You set up the Activity Hierarchy
  3. You set up the Risk Hierarchy
  Step 2: You perform the Risk Assessment
  1. You identify the risks
  2. You analyze the risks
  3. You respond to risks
  4. You document the Incidents
  Step 3: You analyze risk reports
  1. You generate risk reports
  2. You report the incidents
  Step 4: You analyze the dashboards
  Refer SAP documentation on GRC for more information.
  Regards,
  Naveen.

• Cross Organization SOD Conflict in SAP GRC

  Hi,
  I have a quick question:
  Does SAP GRC allow you to capture cross Organization level value conflict. I just checked the Auth. Object for Org level Company code with $BUKRS under transaction codes in Functions, this shows disabled by default.
  Example: If I have access to  SU01 in Company Code 1 and access to PFCG in Company Code 2 will this be risk based on SAP standard SOD Rule set.
  Your quick response will be appreciated. Thaning you in advance.
  Thanks & Regards,
  Abhimanu Kumar Singh

  Hi
  As already stated by Martin, one of the option for handling adtional backup access to users could be through Superuser Privilage management(If GRC has been implemented with your client). This would allow detailed reporting at transaction level for audit purposes.
  If GRC is not implemented with your client then any additional access which is resulting in SoD, there has to a proper documentation of temporary access assignment to users(For Audit purpose). Mitigation control should be documented and submitted by the supervisor of the user to the SoD team to ensure proper compliance is in place for the additional access provided to the user.
  Thanks.
  Anjan

• Sap grc note require

  Hello all.,
  Can someone tell me how to view java table (on GRC server) to see all tcode and object are there. None our full sod roles not showing any conflictions. we have su24 action and permision level file uploaded but still no confliction.
  can please anyone know the sap note number where they define the procedure how to view java table on grc server.
  Thanks

  Hi Junaid,
  If you're looking for a list of tables and definitions for generating custom reports, check note 1369045.
  But i guess you just look for tables to see if are filled, check some threads like this:
  Most commonly used tables in SAP GRC & SAP HR
  I guess check the database tables could be OK as a first view, but it should not be the way to do the error analysis. The naming convention for the tables is clear.
  Cheers,
  Diego.
  Edited by: Diego I. Yaryura on Dec 15, 2011 4:37 AM

• SAP GRC NF-e 10.0: Erro na interface NFB2B_procNFe_IB (contendo CDATA)

  Olá a todos.
  Poderiam por gentileza me ajudar com a questão abaixo?
  Estou com o seguinte problema na interface NFB2B_procNFe_IB do SAP GRC NF-e 10.0 (Support Package 15):
  Recebemos uma série de XML's de montadoras de automóveis que contém informações adicionais nas tags <infAdProd> e <infCpl>, como por exemplo:
    <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44<![CDATA[<ID ITEM=005115/><PED=4500159772/> <UM=PC/>]]></infAdProd>
  Porém ao inserir essa mensagem na interface NFB2B_procNFe_IB, a interface interpreta da seguinte forma:
      <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44
        <![CDATA[
          <ID ITEM=005115/>
          <PED=4500159772/>
          <UM=PC/>]]>
          </infAdProd>
  Sendo assim, ocorre o erro abaixo:
  <nm:ExchangeFaultDataExt xmlns:nm="http://sap.com/xi/NFE/common" xmlns:prx="urn:sap.com:proxy:NED:/1SAI/TAS8DFA2846CCAA9B6570C6:702">
    <faultText>Erro durante a transformação: Fim de elemento '{http://www.portalfiscal.inf.br/nfe}infAdProd' esperado programa: /1SAI/SAS6F90159886715E7C4560 caminho: nfeProc(1)NFe(1)infNFe(1)det(4)infAdProd(3)ID(1)</faultText>
    </nm:ExchangeFaultDataExt>
  Sei que temos algumas opções como:
  1. Alterar o XML no mapping do PI; (Funcionaria com mensagens processadas através do PI, mas não conseguiria inserir um XML manualmente via SE80)
  2. Alterar o XML no ABAP ao executar a classe /XNFE/CL_006NFB2B_PROC_NFE_IB; (Fazer algum replace nesses caracteres "<" e ">" por "&lt;" "&gt;"
  Mas como fazer isso sem danificar a assinatura do XML que já está assinado e autorizado na SEFAZ?
  Existe alguma nota SAP para corrigir esse problema?
  Agradeço desde já a atenção.
  Rodrigo Costa.

  Felipe,
  também tive o mesmo problema do lado do NTB2B_procNFe_OB. Tentei de várias formas transformar o XML para ficar aderente ao cliente, porém o PI sempre alterava o XML (possivelmente devido ao encoding).
  Vi muitos posts sobre o tema, mas ainda quando era o GRC NF-e 1.0, com a assinatura no Java. Para o GRC 10.0 não funciona, pois quando o xml chega no PI, o mesmo já está assinado, portanto não se pode alterar nada.
  A solução foi para nesses casos específicos enviar o xml através do ECC mesmo.
  Mas para o NFB2B_procNFe_IB ainda sem solução.
  Abs.
  Rodrigo.

• SAP GRC NFE não processa NFE's com itens que possuam diferentes alíquotas de IPI.

  SAP GRC NFE não processa NFE's com itens que possuam diferentes alíquotas de IPI.
  Alguém sabe se esse problema já foi resolvido ou conhece um contorno para essa situação ?
  Desde a implantação em junho de 2013 não conseguimos processar notas que possuem itens com diferentes aliquotas de IPI.

  Bom dia Fernando (que bom te encontrar aqui também :-)!
  Então, o Denny da SAP Alemanha me retornou dizendo que temos que instalar o XI Content SLL-NFE 10.0 e criar novamente os cenários da NF-e.
  Eu estou entrando em contato com o nosso Basis que fica em Lima para ver se é possível que ele instale este componente, para que eu crie novamente os cenários da NF-e (extensão _900).
  Após a recriação dos cenários, será que eu consigo reenviar as NF-e de teste novamente ou terei que estornar os documentos e fazer os processos novamente?
  Obrigado pela ajuda!
  Att.
  Daniel

• SAP SP necessária para suportar os componentes para o SAP GRC NFE 1.0 no XI

  oi,
  Como estamos atualizando as nossas caixas de XI de SAP XI SAP PI 3.0 para 7,11, verificando o SLD notamos que Nota Fiscal componente de software está disponível. Assim, a pergunta é o que é que os Service Packs do sistema fonte precisa ter, a fim de fornecer todos os componentes necessários para a NF-e?
  temos dois sistemas de fonte da qual enviamos os dados para XI, você pode sugerir o que é o pacote de serviços adequados para apoiar SAP GRC NFE 1.0 no XI
  1> 6,0 SAP ECC, SP, 14
  EHP 2, Nível 2
  PI_Basis = 2005_1_700, Level 14
  ST = PI 2008_1_700 Nível 2
  2> 6,0 SAP ECC, EHP 4
  Muito obrigado

  Ola, vi o seu e-mail mas resolvi responder por aqui!
  Na realidade, se voce for realmente trabalhar com o GRC, dependendo da secretaria da fazenda que voce ira trabalhar aconselhor que voce aplique o sp15 no grc, consule SAP Note 1487119, nessa nota haverao todos os procedimentos necessarios.
  Como haviamos falado anteriormente por e-mail, seria necessario, caso vc realmente queira trabalhar com o GRC a aplicacao de algumas notas tecnicas no proprio GRC.
  1477834     XML Layout Version 2.00: Missing parameters in NF-e BAdI
  1487119     SAPK-10015INSLLNFE: Support Package 15 for SLL-NFE
  1496216     Rejection of NFe because of wrong data type of date fields
  1499921     Problem with validation after implementing SP15
  1498700     Problem on signing NF-e
  1497767     Fill field qTrib for new layout version 2.0
  1500046     Upgrade validation rule for field ID for version 2.0
  1500742     Adjust validation for field NADICAO and NSEQADIC layout 2.00
  1501545     Problems in trying to see a XML in the IE
  1502612     Select the NFe Status Check Service for Incoming B2B message
  1502217     Extend validation rules for <DI>/<adi>, layout 2.00
  Sem mais, precisando me mais ajuda avise