Skipping the risk analysis

Hi All,
I have  CUP .net version in GRC.We have a risk analysis mandatory for every request.I want to know if I can skip the risk analysis for some orders in CUP.How I can do it.
Thanks in advance

Yes, you can skip.
Goto -> CUP Configuration -> Workflow -> Stage -> Addition configuration -> Risk Analysis Mandatory ->NO
Suggest you to perform risk analysis if its part of your process..
Rakesh

Similar Messages

  • Critical permissions are not showing in the risk analysis in GRC10.0

    Hi all,
    We noticed that critical actions are flagging the in risk analysis report but not the critical permissions.
    As far as I know all the settings are in place.
    Is any one has any idea why critical permissions are not flagging? Our GRC is at SP14.

    This has been resolved

  • After the risk analysis I am trying to mitigate the users with risk ID and I am getting an authorization error.

    Dear All,
    I am trying to mitigate some users and after running risk analysis when I am trying to mitigate them I am getting an error saying I am not authorized to do so.
    I have requird roles to do my activity-

    Dear Prasant,
    I am getting above error.
    I have required roles
    GRC_CONTROL_APPROVER
    GRC_RISK_OWNER
    Regards,
    Abhishek

  • The risk analysis results are different when choose report type as "summary" and "management" summary

    Hello experts,
    I found a expired user with SOD conflicts in "management summary" report format, but it doesn't exist in "Summary" report. You can find the screenshot in attached file. The user name is "YINPENG2_BK".
    What happened? The result of different report formats are from different data source?
    Sincerely yours,
    Lynn

    Hi Lynn,
    that's not an issue from the system. It's more a handling issue as the results are splitted into several result sets. In management summary view you have only one result set as it's grouped by user and risk, whereas you have more than one in summary view (as you have multple entries for each user and risk).
    Change to the second, third, etc. result set and you will see the user in the list:
    Regards,
    Alessandro

  • GRC Risk analysis reports are not checking all possible risk conflicts set up in the rule set that lead to risks.

    Dear All,
    After running the risk analysis it shows only the first conflict for a risk in the rule set (Rule ID 0001). We have already Generated SOD ruleset. Also during migration from 5.3 to AC10.1 all the rulesets were imported properly.
    What could be reason??
    Thanks for your help.
    Regards,
    Abhisshek

    Abhisshek,
    there is already a thread with the same question:  Dear all I only get result for one rule id and not with others what should be an issue?
    Regards,
    Alessandro

  • Risk analysis failed: Exception from the service : Invalid System

    I'm trying to get the risk analysis performed for CUP requests.  When I'm in the process of creating a request, and I add roles to the request and then click on the risk analysis button, I get the above error.
    I checked the URI that I've included in the Risk Analysis section of the configuration and I believe it is correct:
    http://<server>:<port>/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
    I've selected 5.3 web service, and I have provided a user ID that has admin rights.
    What do you think is the reason this error is being thrown?
    The error in the log is:
    2009-11-19 15:04:31,821 [SAPEngine_Application_Thread[impl:3]_39] ERROR com.virsa.ae.core.BOException: Exception from the service : Invalid System
    com.virsa.ae.core.BOException: Exception from the service : Invalid System
    Thanks,
    Santosh

    Frank,
    Thanks for your response.  I was thinking along these lines already and so I have tried to do as you suggest.  However it didn't work and the log indicated that it didn't like my connector name (even though the connector name is now the same as in RAR).
    Caused by: com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: Failed to resolve JCO destination name 'SANDBOX' in the SLD. No such JCO destination is defined in the SLD.
    However, I looked at one of the online post installation checklists for CUP and I gathered that it might be necessary to have the JCo itself renamed at the backend to reflect the name used in RAR, and that should populate into my connector list within CUP (when you click on the magnifying glass).
    I'm waiting to try that out, but I'm not sure about any secondary impact of making a change to the JCo name.
    Let me know what you think about that move.
    Thanks,
    Santosh

  • Cannot find any tcodes while creating the Function id in for risk analysis

    Hi Friends,
    the issues was appeared while I was practising the Risk analysis,
    I went access maintainance , then to fuctions , I  had given the fuction name , business process , analytical scope
    then when I tried to add the t-code , I couldn;t see any t-code to add to the function
    is there any pre-requesties to do before this ?
    Thanks and Reagrds,
    Raghu

    Hi Raghu,
    This behaviour is because of your connector group design.
    Logical connector group can have multiple connectors and as per the design of application, Logical group always read the authorizations from the connector which is listed as first connector in the list. It is assumed that all the connectors which are part of Logical group should be synchronized with each other and having same authorization model in all the systems.
    GRC application is designed in such a manner that the connector which is first in the list of the connectors that are a part of the logical group is only checked. If the Tcode(Action) exists in that system, then the Action can be found for the logicall group. 
    If the Action is not part of the system which is the first system in the list of systems in the logical group then that Action will not be available for selection for the Logical group.
    The intent behind logical group design is to reduce maintenance of rule sets. For example, if you loaded 10 rule sets for 10 physical systems, you would have to maintain them all if a new risk had to be added. Logical groups provide a method to group like systems (components) so that if you make a rule change you do it once for the logical group and when rules are generated the change is updated for all in that group. If you have 10 systems under one (1) logical group, we would pull the transaction from the first connector.  You can name your connectors so that the one you want to be the "master system" is at the top. The assumption is all the systems maintained in the connector group should have the same data or the same actions.
    Refer to the note - 1802010
    Regards,
    Muthu

  • Error during Full Synch Batch Risk Analysis - RAR

    Hi All,
    We are implementation SAP GRC AC 5.3 - SP 9 - RAR
    Currently we have uploaded the text objects and permission objects and performed full sych for User, Roles & Profile with the backend system and it was successful
    Then we have uploaded all the RAR Standard text files for SoD Rules and scheduled a Full Sych for Batch Risk Analysis as a post installation activity. But we got an error as below after 85% of completion and the background job failed.
    WARNING: Error: while executing BatchRiskAnalysis for JobId=12 and object(s):T-RD470878: Skipping error to continue with next object: Batch rolled back. Caused by java.sql.BatchUpdateException: ORA-01653: unable to extend table SAPSR3DB.VIRSA_CC_PRMVL by 8192 in tablespace PSAPSR3DB
    Can somebody please help us in resolving the above error message. Is it something to do with the table space availablity ?
    What are the consequences if we have not scheduled the Full Synch Batch Risk Analysis and start using the tool.We have to add some custom t-codes to the Standard rule set thereby tailoring it to the business requirement.
    Thanks and Best Regards,
    Srihari.K

    Sri,
       As Gangadhar mentioned this is a tablespace issue. You need to make sure to have enough space while running full sync risk analysis job. Please extend your database space and run the risk analysis job again.
    Regards,
    Alpesh

  • Full Synch risk analysis job is not running good

    Hi
    Recently we have started user_full_synch_risk_analsysis job is running but with many error..
    I have checked the SLD it is running, JCO also tested good..checked in debugger...tried to look the data..working good..
    but the log saying "can not extract the data from DEV system"
    it is skipping each userid risk analysis saying the above error and it continuing with other userIDs.. Please help
    INFO:  Job ID:18 : Exec Risk Analysis
    Sep 27, 2010 7:51:38 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO:  Job ID:18 : Analysis starts: XRPM_PM2
    Sep 27, 2010 7:53:04 AM com.virsa.cc.comp.BgJobInvokerView onActionsearchObj
    INFO: Number of users matched:132
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.meng.MatchingEngine matchActRisks
    WARNING:  Error :
    com.virsa.cc.dataextractor.dao.DataExtractorException: Cannot extract data from system (DEV); for more details, refer to ccappcomp.n.log
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.searchUser(DataExtractorSAP.java:551)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.userIsIgnored(DataExtractorSAP.java:529)
         at com.virsa.cc.xsys.meng.MatchingEngine.getObjActions(MatchingEngine.java:682)
         at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:112)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1104)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:297)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1047)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1331)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:480)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
    WARNING:  Job ID:18 : Failed to run Risk Analysis
    java.lang.Exception: Cannot extract data from system (DEV); for more details, refer to ccappcomp.n.log
         at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:118)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1104)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:297)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1047)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1331)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:480)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchRiskAnalysis
    WARNING: Error: while executing BatchRiskAnalysis for JobId=18 and object(s):XRPM_PM2: Skipping error to continue with next object: Cannot extract data from system (DEV); for more details, refer to ccappcomp.n.log
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.bg.BgJob updateJobHistory
    FINEST: --- @@@@@@@@@@@ Updating the Job History -
    2@@Msg is Error while executing the Job for Object(s) :XRPM_PM2:Cannot extract data from system (DEV); for more details, refer to ccappcomp.n.log
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
    INFO: -
    Background Job History: job id=18, status=2, message=Error while executing the Job for Object(s) :XRPM_PM2:Cannot extract data from system (DEV); for more details, refer to ccappcomp.n.log
    Sep 27, 2010 7:58:30 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis

    Dear Harikrishna,
    Please mention what is your Support pack. This is an identified bug for SP12 especially synchronizing the users from the backend and doing the risk analysis at the user level. We had the same problem. But for some reason we are now able to do the synchronization from the backend but the management reports are getting updated.

  • CUP 5.3: risk analysis in workflow impossible due to web service performance?

    Hello experts,
    We are facing a huge challenge within a AC 5.3 implementation.
    Here, AC has been used successfully with CUP and RAR for quite some time now. However, the RAR analysis has not yet been integrated into the CUP workflow. We would like to integrate the RAR analyis in CUP now.
    Based on the existing role concept (that uses functional master roles and derived roles per company code, with ca. 30 company codes in place) and the shared service operations in some areas such as FI, there is a large number of users with many roles and consequently, many SoD risks (of course, they are all "repeat" risk per company code).
    This leads to a long RAR analysis run time, but it's still acceptable. Analysis on permission level for such "power users" runs about 1 minute, on action level about 5-6 seconds.
    However, the web service between RAR und CUP is a problem and cannot cope with our violations. We have currently set the threshold to 75000. In this case, the analysis + web service runs 1-2 minutes. However, we have some users with 200-300.000 violations. In this case, if we deactivate the threshold, we will experience a web service time-out eventually, even with analysis on action level because the amount of violations the web service has to process is the same (or even higher with some false positives).
    We also have compensating controls in place for these power users, which will of course reduce the web service run-time considerably. However, this is not applicable to NEW user requests because for those, the compensating controls will be assigned only AFTER the risk analysis has taken place and the risk manager receives the workflow item.
    Has anyone experienced this in the past and found a viable solution or work-around? We are basically short of options and considering dropping the project.
    Note: An upgrade to 10.X is not (currently) a solution because this upgrade is scheduled and budgeted only for later.
    Thanks a lot and best regards
    Patrick

    Any opinions on this?
    Cheers and thanks
    Patrick

  • Getting "Risk Analysis Failed " error while raising request from IDM

    Hi friends,
    Some of the User to Role mapping requests from IDM did not reach CUP (request ID = null) . When noticed the VDS log , we found the error from GRC webservice to be Risk Analysis Failed . We thought it might be an RAR issue , however , the request just got through CUP when submitted from GRC webservice directly . From RAR perspective also, everything looks ok .
    Please provide your thoughts as to whether this error is pertaining to some other issue or suggest me what I can check in Identity center to correct this .
    Thanks in advance for your help .

    The connector set up are all looking correct . However the requests are not getting raised in many cases .
    At one point we identified that , since our SAP systems have been migrated to DB2, some of the systems were down .
    So when the system is down we decided , Risk analysis is failing . however , now the systems are up and running and still the risk analysis is failing .

  • Error while performing Risk Analysis at user level for a cross system user

    Dear All,
    I am getting the below error, while performing the risk analysis at user level for a cross system (Oracle) user.
    The error is as follows:
    "ResourceException in method ConnectionFactoryImpl.getConnection(): com.sap.engine.services.connector.exceptions.BaseResourceException: Cannot get connection for 120 seconds. Possible reasons: 1) Connections are cached within SystemThread(can be any server service or any code invoked within SystemThread in the SAP J2EE Engine), 2) The pool size of adapter "SAPJ2EDB" is not enough according to the current load of the system or 3) The specified time to wait for connection is not enough according to the pool size and current load of the system. In case 1) the solution is to check for cached connections using the Connector Service list-conns command, in case 2) to increase the size of the pool and in case 3) to increase the time to wait for connection property. In case of application thread, there is an automatic mechanism which detects unclosed connections and unfinished transactions.RC:1
    Can anyone please help.
    Regards,
    Gurugobinda

    Hi..
    Check the note # SAP Note 1121978
    SAP Note 1121978 - Recommended settings to improve peformance risk analysis.
    Check for the following...
    CONFIGTOOL>SERVER>MANAGERS>THREADMANAGER
    ChangeThreadCountStep =50
    InitialThreadCount= 100
    MaxThreadCount =200
    MinThreadCount =50
    Regards
    Gangadhar

  • Risk Analysis Failing in ERM 5.3

    Hi All -
    I would appreciate some assistance with pin-pointing an issue that I'm having with running Risk Analysis on roles in ERM. Currently I have RAR configured with the appropriate rule set and generating the expected risk/sod conflicts for users & roles. I have also added the appropriate Web Service Info. in th Misc section under the configuration tab (url, user, pwd) for all sections associate with RAR integration.
    Now when I run a risk analysis on a particular role in RAR i get the correct conflicts however when I get the Risk Analysis stage with ERM I receive the following Error:
    Risk analysis failed; Cannot assign NULL to host variable 5. setNull() can only be used if the corresponding column is nullable. The statement is "INSERT INTO VT_RE_RSK_OBJRULES (OBJCODE, OBJDESC, OBJFLDCODE, OBJFLDDESC, VALFRMID, VALTOID, COND, RSKVIOLID) VALUES(?, ?, ?, ?, ?, ?, ?, ?)".
    I also get this error when trying to run Mass Maintenance --> Risk Analysis:
    Risk anaysis for role "XX:XXXXX" failed
    Before I was getting error: "Risk Analysis performed successfully; No Risk Found" so I referenced SAP Note 1265964 and applied all solution steps.
    Lastly here is the error log:
    2010-01-14 14:59:28,768 [SAPEngine_Application_Thread[impl:3]_31] ERROR com.virsa.re.role.actions.RiskAnalysisAction
    java.lang.Throwable: Cannot assign NULL to host variable 5. setNull() can only be used if the corresponding column is nullable. The statement is "INSERT INTO VT_RE_RSK_OBJRULES (OBJCODE, OBJDESC, OBJFLDCODE, OBJFLDDESC, VALFRMID, VALTOID, COND, RSKVIOLID)  VALUES(?, ?, ?, ?, ?, ?, ?, ?)".
         at com.virsa.re.bo.impl.RiskAnalysisBO.saveObjViolations(RiskAnalysisBO.java:906)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:824)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysisOnSystem(RiskAnalysisBO.java:214)
         at com.virsa.re.role.actions.RiskAnalysisAction.performRiskAnalysisOnMultipleRoles(RiskAnalysisAction.java:609)
         at com.virsa.re.role.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.framework.NavigationEngine.execute(NavigationEngine.java:273)
         at com.virsa.framework.servlet.VFrameworkServlet.service(VFrameworkServlet.java:230)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.framework.servlet.VFrameworkServlet.service(VFrameworkServlet.java:286)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:117)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:62)
         at com.virsa.comp.history.filter.HistoryFilter.doFilter(HistoryFilter.java:43)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:58)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:384)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Any help would be greatly appreciate it - Thanks in Advance!

    GOing to repost

  • AC 5.3 RAR - combined risk analysis reports for regular auth. and SPM auth.

    Dear All,
    we have users that have regular day-today authorization and also FF authorization.
    Does the Batch Risk Analysis takes into account both authorizations when doing the risk analysis for those users ? will we see it in the reports ?
    Thanks
    Yudit

    ok, so basically the answer is no, in the RAR components we do not have risk analysis for the combinations of the roles assigned to the user and to his FF ID.
    in that case, at what stage does the system checks for those combined risks ?
    is it checked when we manage the risk analysis phase in the CUP request that is asking to assign the FF ID to the user ?
    thanks
    Yudit

  • Risk analysis Report Error in GRC AC 10.0

    Dear GRC,
    I had problem with Risk analysis Report in GRC Access Request form
    When i run the Risk analysis report on Action Level , Permission Level , Critical Action Level and Critical Permission Level then report showing as "No Violations" but if i run the Risk analysis report only on Critical Action Level and Critical Permission Level then report showing too many Violations.
    I maintained Action Level , Permission Level , Critical Action Level and Critical Permission Level as default risk analysis type in SPRO Configuration Parameters settings.
    i am not understanding why system behaves like this. Could you please help me on this.
    System Details : GRC AC 10.0 , SP-12
    Thanks a lot for swift response.
    Best Regards,
    RK

    Hi GRC Team,
    Please help me on this. I am waiting for your replay.
    Regards,
    KR

Maybe you are looking for