Transports in Compliance Calibrator 5.2

I have used the ABAP transport function (TMS, Transport Management System) to transfer rules, alerts, mitigating controls etc from Dev to QA and Prod in GRC CC 4.0 in the past and am looking for similar functionality in GRC's Netweaver version 5.2
I understand the underlying technology differs significantly in the above releases. I have found how to transfer rules using the "Utilities" function however this only allows download to text file, there doesn't seem to be functionality to transport directly from DEV to QAS and PRD.
We are looking for an efficient, secure and reliable way of ensuring consistency between our GRC 'Risk Analysis and Remediation' clients.
Thanks

Hi Mark,
unfortunately in this release there is no transport mechanism. The only way is to use the text file upload which you already know.
From what you are saying I`m left with the impression you have separate CC instances that you use for risk analysis on users and for risk analysis on roles. Am I getting this right? If that is so, could you please share what is the reason for splitting the analyzed backends in two CC instances?
Regards,
Iliya

Similar Messages

4.6C to ECC 6.0 upgrade - Issue with Virsa Compliance Calibrator

The issue is that phase IS_SELECT during the PREPARE is not detecting VIRSA as an add-on. This of course will result in VIRSA not being upgraded and the system will be unstable ( note 989368 ). Also, I can't choose to delete the add-on either.
We installed the compliance calibrator before SAP purchased VIRSA. So, the tool was installed through transports, not SAINT. I assume this is why phase IS_SELECT is not seeing the tool.
Any ideas?
-Scott

Received a reply from SAP. Since VIRSA was installed through STMS the IS_SELECT phase will not see the add-on. I had to do the ECC 6 upgrade as normal and then install VIRSA 4.0 for SAP 700 systems through SAINT.
I had to clear SPDD and SPAU as much as possible for /VIRSA/* objects. However, there were six objects I could not clear. This did not cause any issues.
Notes 1006083 and 985617 are needed for this procedure.
Thanks for all the suggestions.
-Scott

Compliance Calibrator 4.0 - importing Long Risk Detailed Description text

We just installed Compliance Calibrator, in Production, and we need to import the Long Detailed Description text, for each risk, from client 000 to our production client (600).
Our Basis staff do not want to unlock the system for client copy imports. Is there another way of importing the Long Detail Description text for each risk, into Production, without unlocking the system for client copying?

Hi, when you transport with Utilities -> Rule Transport , the Long Risk DEsc is not transported ?
Claudio

Is Compliance Calibrator the same as GRC Access Control?

I have been asked to look at Compliance Calibrator and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "SAP GRC Access Control" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called Access Enforcer but have no info on this... can anyone enlighten me?

SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.

Custom report on Compliance Calibrator Job scheduler

Currently in compliance calibrator it is not possible for a user to view the status, success or otherwise, of another users scheduled job or sync unless granting that user full administrator rights.
Please advise if it's possible to expose the underlying scheduled job table for a given system via a custom built static html web page. Can you advise of the table that results would need to be displayed from and whether there would be any drawbacks of this approach, or if others have somehow solved this problem with another solution, please share?!
What are SAP's timeframe's for finer grained security in CC?

below are the tables used for CC:
VIRSA_CC_ACTRULE               SAPSR3DB
VIRSA_CC_ACTRULHDR             SAPSR3DB
VIRSA_CC_ACTVL                 SAPSR3DB
VIRSA_CC_ADMIN                 SAPSR3DB
VIRSA_CC_ALLASTRUN             SAPSR3DB
VIRSA_CC_ALLISTDTL             SAPSR3DB
VIRSA_CC_ALLISTHDR             SAPSR3DB
VIRSA_CC_ALTCDLOG              SAPSR3DB
VIRSA_CC_AUTHHT                SAPSR3DB
VIRSA_CC_AUTHMAP               SAPSR3DB
VIRSA_CC_BKGINP                SAPSR3DB
VIRSA_CC_BUAPPVR               SAPSR3DB
VIRSA_CC_BUMONITOR             SAPSR3DB
VIRSA_CC_BUSPRC                SAPSR3DB
VIRSA_CC_BUSPRCT               SAPSR3DB
VIRSA_CC_BUSUNIT               SAPSR3DB
VIRSA_CC_BUSUNITT              SAPSR3DB
VIRSA_CC_CDHDR                 SAPSR3DB
VIRSA_CC_CDPOS                 SAPSR3DB
VIRSA_CC_CGROUP                SAPSR3DB
VIRSA_CC_CONFIG                SAPSR3DB
VIRSA_CC_CRACT                 SAPSR3DB
VIRSA_CC_CRACTT                SAPSR3DB
VIRSA_CC_CRACTVL               SAPSR3DB
VIRSA_CC_CRPRM                 SAPSR3DB
VIRSA_CC_CRPRMVL               SAPSR3DB
VIRSA_CC_CRPROF                SAPSR3DB
VIRSA_CC_CRPROFT               SAPSR3DB
VIRSA_CC_CRROLE                SAPSR3DB
VIRSA_CC_CRROLET               SAPSR3DB
VIRSA_CC_CRROLEVL              SAPSR3DB
VIRSA_CC_DATAEXD               SAPSR3DB
VIRSA_CC_DETDESC               SAPSR3DB
VIRSA_CC_FLDMAP                SAPSR3DB
VIRSA_CC_FUNC                  SAPSR3DB
VIRSA_CC_FUNCACT               SAPSR3DB
VIRSA_CC_FUNCBP                SAPSR3DB
VIRSA_CC_FUNCPRM               SAPSR3DB
VIRSA_CC_FUNCSYS               SAPSR3DB
VIRSA_CC_FUNCT                 SAPSR3DB
VIRSA_CC_GENACT                SAPSR3DB
VIRSA_CC_GENOBJ                SAPSR3DB
VIRSA_CC_GENOBJT               SAPSR3DB
VIRSA_CC_GENPRM                SAPSR3DB
VIRSA_CC_GENUSR                SAPSR3DB
VIRSA_CC_GPRMLIST              SAPSR3DB
VIRSA_CC_GSEQ                  SAPSR3DB
VIRSA_CC_JOBHST                SAPSR3DB
VIRSA_CC_LASTRUN               SAPSR3DB
VIRSA_CC_LOCKTABLE             SAPSR3DB
VIRSA_CC_LSYSGRP               SAPSR3DB
VIRSA_CC_MGALERTS              SAPSR3DB
VIRSA_CC_MGCRTR                SAPSR3DB
VIRSA_CC_MGMTBU                SAPSR3DB
VIRSA_CC_MGMTTOT               SAPSR3DB
VIRSA_CC_MGRISKD               SAPSR3DB
VIRSA_CC_MGRISKS               SAPSR3DB
VIRSA_CC_MICCTLDTL             SAPSR3DB
VIRSA_CC_MICCTLDTT             SAPSR3DB
VIRSA_CC_MICEXLOG              SAPSR3DB
VIRSA_CC_MICORGDTL             SAPSR3DB
VIRSA_CC_MICORGDTT             SAPSR3DB
VIRSA_CC_MICPRCDTL             SAPSR3DB
VIRSA_CC_MICPRCDTT             SAPSR3DB
VIRSA_CC_MICRMAP               SAPSR3DB
VIRSA_CC_MICUMAP               SAPSR3DB
VIRSA_CC_MITHROBJ              SAPSR3DB
VIRSA_CC_MITMON                SAPSR3DB
VIRSA_CC_MITPROF               SAPSR3DB
VIRSA_CC_MITREF                SAPSR3DB
VIRSA_CC_MITREFT               SAPSR3DB
VIRSA_CC_MITRISK               SAPSR3DB
VIRSA_CC_MITROLE               SAPSR3DB
VIRSA_CC_MITRPT                SAPSR3DB
VIRSA_CC_MITUSER               SAPSR3DB
VIRSA_CC_MITUSRORG             SAPSR3DB
VIRSA_CC_MONAPV                SAPSR3DB
VIRSA_CC_MSG                   SAPSR3DB
VIRSA_CC_MSGPRMS               SAPSR3DB
VIRSA_CC_MSGTYP                SAPSR3DB
VIRSA_CC_OBJTEXT               SAPSR3DB
VIRSA_CC_ORGRULE               SAPSR3DB
VIRSA_CC_ORGRULEM              SAPSR3DB
VIRSA_CC_ORGRULET              SAPSR3DB
VIRSA_CC_ORGUSERS              SAPSR3DB
VIRSA_CC_PRMRULE               SAPSR3DB
VIRSA_CC_PRMVL                 SAPSR3DB
VIRSA_CC_RISK                  SAPSR3DB
VIRSA_CC_RISKFUNC              SAPSR3DB
VIRSA_CC_RISKOWN               SAPSR3DB
VIRSA_CC_RISKRS                SAPSR3DB
VIRSA_CC_RISKT                 SAPSR3DB
VIRSA_CC_ROLEVL                SAPSR3DB
VIRSA_CC_RTMAP                 SAPSR3DB
VIRSA_CC_RULESET               SAPSR3DB
VIRSA_CC_RULESETT              SAPSR3DB
VIRSA_CC_SAPOBJ                SAPSR3DB
VIRSA_CC_SCHEDULER             SAPSR3DB
VIRSA_CC_SUPP_DET              SAPSR3DB
VIRSA_CC_SUPP_HDR              SAPSR3DB
VIRSA_CC_SUPP_TEXT             SAPSR3DB
VIRSA_CC_SYSCRACT              SAPSR3DB
VIRSA_CC_SYSHMAP               SAPSR3DB
VIRSA_CC_SYSRULE               SAPSR3DB
VIRSA_CC_SYSSAPOBJ             SAPSR3DB
VIRSA_CC_SYSTEM                SAPSR3DB
VIRSA_CC_SYSTEMC               SAPSR3DB
VIRSA_CC_SYSTEMT               SAPSR3DB
VIRSA_CC_SYSUSR                SAPSR3DB
VIRSA_CC_TEXTKEY               SAPSR3DB
VIRSA_CC_THREAD                SAPSR3DB
VIRSA_CC_USRMAP                SAPSR3DB
VIRSA_CC_VARIANT               SAPSR3DB
VIRSA_CC_VARVAL                SAPSR3DB
VIRSA_CC_WFOBJ                 SAPSR3DB
VIRSA_CC_XSRULEMAP             SAPSR3DB
VIRSA_CC_XSYSGRP               SAPSR3DB
You can go and check which one contains the scheduling info (VIRSA_CC_SCHEDULER ??)
Hope this helps

Compliance Calibrator: Background jobs didn't bring in the correct data.

Hi Gurus;
In Compliance Calibrator; background jobs were last run on 5/27/09 but the management report shows that the summary is as of 5/20/09. That should have been updated uptill 5/27/09 and the new number of conflicts should have come up, which it didn't. What can be the problem?
Thanking you;
Raja

Hi Harleen;
This job was actually set by the client. So when I went to check the parameters of the jobs, I found that the field MGR_ANALYSIS consists of Field value "N". Does this mean that the Management Analysis box was not ticked when this job was scheduled?
Regards;
Raja

Custom Risks in Compliance Calibrator?

Hello,
Can someone please verify this process for me?
My understanding is that once you create and configure a custom risk in Compliance Calibrator 5.2, you simply click generate and can then immediately run a risk analysis using the new custom risk.
Is there any kind of a background job required to synchronise the new custom rule prior to running a risks analysis or any steps that I'm missing?
Thanks your help is much appreciated,

Hi Adamo,
This is the exact process you need to follow. Once you create main risk and generate rules, you should be able to see the risk in CC. Have you enabled the particular risk? You can go to informer and try to run a simulation or ad-hoc analysis on that particular risk.
Regards,
Alpesh

How to add my own iview in Compliance Calibrator

Hi Experts,
can plaese tell me how to add my own iview in Compliance Calibrator 5.1.

Anubha,
If you are trying to add an iview or URL to Compliance Calibrator you have to login as an administrator go into the configuration tab, and go to Custom tabs toward the bottom of the left screen. Here you can add custom URL links that will appear as tabs in Compliance Calibrator.
Hope this helps
Gabe

Compliance Calibrator SOD Conflict (FI01 and FB05)

I was hoping that someone could provide some insight as to why the "FI01 - Create Bank" and "FI02 - Change Bank" transactions would create a risk (in Compliance Calibrator) when coupled in the same security role with the "FB05 - Post with Clearing" transaction. The risk description given by Compliance Calibrator is "Maintain bank account and post a payment from it".
The FI01 and FI02 t-codes appear to only create/change routing numbers or addresses for banks. There is no ability to create or change an actual bank account. This alone doesn't seem to create a conflict when coupled with a posting transaction. Is there possibly some functionality that I am missing?

Hi Joshua,
I strongly agree with you that there is no SOD conflict technically with FI01, FI02 with FB05 although the wording of the SOD conflict in a business sense meaning Maintain Bank Accounts vs Posting Payments sounds more like a Conflict.
I dont see by anyway how you can maintain actual bank account in either FI01, FI02.
FI01 and FI02 - Maintain Bank Info like Bank Address, Bank Key and soforth.
FB05 - Make Payments to various accounts.
Regards,
Kiran Kandepalli.

Compliance Calibrator v.4.0 Installation Guide?

Does anyone have a Compliance Calibrator v.4.0 Installation Guide? I cannot find one on SAP Service Marketplace.
I have found a Security Guide, User Guide Supplement, User Guide, but no installation guide.
Thank you!

Hi there,
I have the guide, and I can give it to you.
Reach out to me at [email protected] and I'll get it to you.
Thanks,
Santosh

SAP GRC 5.2 Compliance Calibrator rule sets for HR module

HI All,
The company i am working for has done installation of GRC 5.2. I would like to download the SAP out of box Compliance Calibrator rule sets for HR function module in a spreadsheet format.
I would like to download the rule set for risks at Function level, Tcode level and also at authorization object level in ABAP and Roles, actions and permissions in JAVA.
I will discuss with the BPAs, internal auditors and come up with a new rule set exclusively for my company needs with the help of the above spreadhseet.
Please tell me what steps i need to do to get this thing done.

Please go through the process but save these as txt files for UNIX. I am not sure about 5.2 but CC4 was not uploading rule files correctly if file was not saved for TXT for UNIX.
Regards,
Harry Sidhu

Convert from Compliance Calibrator 4.0 to Risk Analysis and Remediation 5.2

Hello Forum,
I'm looking for other opinions on converting Compliance Calibrator (CC) 4.0 to Risk Analysis and Remediation (RAR) 5.2 (formerly CC)
I have inherited responsibility for RAR and need to upgrade it to the 5.2 level; our current ECC level prevents us from going to 5.3
I found a process that will unload the data from CC 4.0 and be imported into RAR 5.2
I want to understand the definitions that comprise the RAR and was thinking about recreating the definitions in 5.2 based on what is already defined in the CC 4.0 system; I have time to do this since there is no definitive deadline that would make it impossible to meet
Currently, I have the following definitions:
Business Process 6 entries
Functions 47 entries
Risks 147 entries
Mitigating Controls 40 entries
Would others find this approach acceptable and reasonable even though I would be entering all the information? Basically, it would be like defining the data for the very first time if this was NEW software
I would expect to come away with a good understanding of how everything ties together; at this point, I am only looking to create the necessary data that would allow for producing SOD reports that show all users with "risks" have been mitigated with acceptable controls
Thanks for your responses in advance
Jerry
Ryerson, Inc
630-758-2021

Thanks for the reply
I have the migration guide and have reviewed it; I have actually played around a bit with obtaining the file from CC 4.0; I found that the data records may need some adjustments to be compatible with RAR 5.2; one of the reasons that may be leading me to do everything from scratch
The definitions currently defined were completed by an outside source and the mitigated controls were defined by the Internal Audit area
I'm not sure if they were mixed with the defaults
I'm not sure at this point what impact or changes I would experience if I use the "default" supplied rules set but I expect to find out
Thanks again for your reply
Jerry

SAP GRC Access Control - Compliance Calibrator - License Cost

Dear all,
I have some questions on Compliance Calibrator implementation.
1. Do we have to pay additional cost for the license to implement Compliance Calibrator?
2. Since SAP GRC 5.3 is just released, which one do you recommend? SAP GRC 5.2 or 5.3?
3. What would be the major difference between Compliance Calibrator in GRC 5.2 and 5.3?
Best regards,
Rolando

Hi Rolando-
1. Yes, there lies some license cost and the amount should not as much as taking SAP R/3 license. I am not sure of exact amount but its nominal as compared to other SAP products.
2. SAP always recommend for the latest version available and why not one would go for latest version if you are paying something for that.
Also, it depends on your existing R/3 version and its compatibility. In short run, you can choose per your existing versions but in long run everyone has to move to latest version. Say for example whoever is using SAP R/3 technology with whatever version, they all need to upgrade to ECC6.0 by 2011 with extension upto 2013. I am not sure of any such information about GRC AC though.
3. Some enhancement have been done with CC 5.3. Those features include-
1. Risk analysis for SAP Enterprise Portal and UME
2. BI integration for custom reporting
3. Reporting enhancement features include additional auditor, business manager and IT reports
4. SOD management by exception. Can be integrated with workflow.
5. Import/Export of configuration data
6. Migration scripts
7. Download and print capability on every report.
Some performance improvements-
1. Concurrent risk analysis.
2. batch mode risk analysis
3. Improved memory mgmnt etc.
Hope it gives you now some more visibility.
Cheers!
Ashok

How to Modify the WD4J components of Compliance Calibrator

Hi,
I would like to modify the Mitigated Users WEBDYNPRO-JAVA Compliance Calibrator components(GRC). Please let me know the procedure for the same.
If we have NWDI can we modify it?
Is there a separate .sca file for Mitigated Users?
Are there any dependencies for the components related to Mitigated Users, if so what are they?
Please provide me the step by step information to modify the GRC components.
Thanks,
Jhansi Miryala

You cannot change any GRC AC applications, as the source code is not made public.
Any changes you make will not be supported by SAP.
Ankur
SAP GRC RIG

How to do mass risks deletetion in 5.2 compliance calibrator?

Hello,
Can anyone tell me the relevant table which store the risks for compliance calibrator? I want to perform mass deletion on the risks.
Thanks
Eric

You can also just pull up the list of risks, click the delete key, and then press enter with the prompt to confirm the delete and hold the enter key down. It will then loop through all the risks and delete them. It can take about 20-30 minutes, but it works. I just prop something up on the enter key when going to lunch or meeting.

Transports in Compliance Calibrator 5.2

Similar Messages

Maybe you are looking for