Upgrading VRAT 2.0 to Compliance Calibrator 4.0
Hi,
I have one query regarding upgradation of VRAT2.0 to CC 4.0.
Earlier,I was supplied 4 Transport requests,importing which in a proper sequence will install the CC 4.0.While importing the first one,I encountered the follwoing error :
"Enter a valid transport request/correction
ObjRead >>___1: ..00:00:00 hh:mm:ss
No object to be deleted and activated exists"
But,while searching on Marketplace I found an ADDON "K-400COINVIRSA.CAR" for installing CC 4.0.I also found another one - "K-400COINVIRSANH.CAR".
1.Now,what method shall I adopt for installing CC 4.0 and which package?
According to note 861556,some objects should not exist in the system where the package is to be imported,but as we are already having VRAT 2.0,the following objects exist in our system :
Authorization Object class - ZVRA
Authorization Objects - ZVRAT_0001,ZVRAT_0002,ZVRAT_0003
2.How to go ahead for the upgradation in this type of scenario ? Shall I delete the objects manually ?
Thanks in advance.
s<i><b>A</b></i>mik.
can you pl have a look to https://websmp202.sap-ag.de/~form/sapnet?_FRAME=OBJECT&_HIER_KEY=501100035870000015092&_HIER_KEY=601100035870000206624&_HIER_KEY=701100035871000499139&_SCENARIO=01100035870000000202&#HOME
Cheers,
-Sunil
Similar Messages
-
4.6C to ECC 6.0 upgrade - Issue with Virsa Compliance Calibrator
The issue is that phase IS_SELECT during the PREPARE is not detecting VIRSA as an add-on. This of course will result in VIRSA not being upgraded and the system will be unstable ( note 989368 ). Also, I can't choose to delete the add-on either.
We installed the compliance calibrator before SAP purchased VIRSA. So, the tool was installed through transports, not SAINT. I assume this is why phase IS_SELECT is not seeing the tool.
Any ideas?
-ScottReceived a reply from SAP. Since VIRSA was installed through STMS the IS_SELECT phase will not see the add-on. I had to do the ECC 6 upgrade as normal and then install VIRSA 4.0 for SAP 700 systems through SAINT.
I had to clear SPDD and SPAU as much as possible for /VIRSA/* objects. However, there were six objects I could not clear. This did not cause any issues.
Notes 1006083 and 985617 are needed for this procedure.
Thanks for all the suggestions.
-Scott -
Why upgrade from Compliance Calibrator to GRC?
Hello Experts- My company has yet to implement GRC 5.3. We already utilize SAP Compliance Calibrator by Virsa Systems 4.0, which works fine, so what would be the benefit of upgrading to GRC? Is it really necessary? Is it just to stay current? Also, is it true that GRC will be moving from Java back to an ABAP stack? If so, when is the new ABAP version of GRC set to be available?
Thanks for your advice and opinions.Regarding the upgrade from 4.0 to 5.3 I concur with Alpesh and Varun.
Regarding the upgrade to 10.0, current plans are for Ramp-up to be available in December 2010 with general release scheduled for mid 2011.
According to the latest material from SAP, they are only supporting a migration path as follows:
4.0 -->5.3 --> 10.0
There is no supported upgrade path from 4.0 directly to 10.0.
It should be noted that it is a significant change in architecture and therefore not a simple migration path. SAP are recommending an upgrade to 5.3 followed by a migration to 10.0 for the technical side of things.
5.3 does still have some significant advantages over 4.0 and therefore is still an option. owever, if you wish to register your interest, SAP are seeking ramp up customers so I would suggest you contact your Consultants or account management within SAP to discuss the options if you are considering it.
Simon -
Convert from Compliance Calibrator 4.0 to Risk Analysis and Remediation 5.2
Hello Forum,
I'm looking for other opinions on converting Compliance Calibrator (CC) 4.0 to Risk Analysis and Remediation (RAR) 5.2 (formerly CC)
I have inherited responsibility for RAR and need to upgrade it to the 5.2 level; our current ECC level prevents us from going to 5.3
I found a process that will unload the data from CC 4.0 and be imported into RAR 5.2
I want to understand the definitions that comprise the RAR and was thinking about recreating the definitions in 5.2 based on what is already defined in the CC 4.0 system; I have time to do this since there is no definitive deadline that would make it impossible to meet
Currently, I have the following definitions:
Business Process 6 entries
Functions 47 entries
Risks 147 entries
Mitigating Controls 40 entries
Would others find this approach acceptable and reasonable even though I would be entering all the information? Basically, it would be like defining the data for the very first time if this was NEW software
I would expect to come away with a good understanding of how everything ties together; at this point, I am only looking to create the necessary data that would allow for producing SOD reports that show all users with "risks" have been mitigated with acceptable controls
Thanks for your responses in advance
Jerry
Ryerson, Inc
630-758-2021Thanks for the reply
I have the migration guide and have reviewed it; I have actually played around a bit with obtaining the file from CC 4.0; I found that the data records may need some adjustments to be compatible with RAR 5.2; one of the reasons that may be leading me to do everything from scratch
The definitions currently defined were completed by an outside source and the mitigated controls were defined by the Internal Audit area
I'm not sure if they were mixed with the defaults
I'm not sure at this point what impact or changes I would experience if I use the "default" supplied rules set but I expect to find out
Thanks again for your reply
Jerry -
SAP GRC Access Control - Compliance Calibrator - License Cost
Dear all,
I have some questions on Compliance Calibrator implementation.
1. Do we have to pay additional cost for the license to implement Compliance Calibrator?
2. Since SAP GRC 5.3 is just released, which one do you recommend? SAP GRC 5.2 or 5.3?
3. What would be the major difference between Compliance Calibrator in GRC 5.2 and 5.3?
Best regards,
RolandoHi Rolando-
1. Yes, there lies some license cost and the amount should not as much as taking SAP R/3 license. I am not sure of exact amount but its nominal as compared to other SAP products.
2. SAP always recommend for the latest version available and why not one would go for latest version if you are paying something for that.
Also, it depends on your existing R/3 version and its compatibility. In short run, you can choose per your existing versions but in long run everyone has to move to latest version. Say for example whoever is using SAP R/3 technology with whatever version, they all need to upgrade to ECC6.0 by 2011 with extension upto 2013. I am not sure of any such information about GRC AC though.
3. Some enhancement have been done with CC 5.3. Those features include-
1. Risk analysis for SAP Enterprise Portal and UME
2. BI integration for custom reporting
3. Reporting enhancement features include additional auditor, business manager and IT reports
4. SOD management by exception. Can be integrated with workflow.
5. Import/Export of configuration data
6. Migration scripts
7. Download and print capability on every report.
Some performance improvements-
1. Concurrent risk analysis.
2. batch mode risk analysis
3. Improved memory mgmnt etc.
Hope it gives you now some more visibility.
Cheers!
Ashok -
Issue with Compliance Calibrator 5.2 SP9 Background Jobs
Hello,
I'm having an issue with Compliance Calibrator 5.2 SP9 where If I run a role analysis as a background job that has the same parameters as a previously run role analysis background job, the second job that is run will display a failure message. It does not appear to matter if the similar background jobs were run by the same individual or separate individuals. As long as the job that was previously run is still in the background job history, than any job with the same parameters run by a user will fail.
Is this normal operation for CC?
Is there a configuration change that could allow a job to be rerun in the background multiple times?
Is there a fix for this issue in a later support pack or with upgrade to 5.3?
Thanks for the help it's much appreciated,To better clarify what is occurring, the 1st job will run and complete successfully and return/display the appropriate results correctly. The 2nd job will than be subsequently kicked off and finish same as with the previous job except when you open the background results no data is displayed and the message at the bottom reads: Failed to display result. To make more sense of what Iu2019m doing, these are the logical steps Iu2019m following:
1. Select Role Level analysis
2. Enter parameters for analysis
3. Schedule background job to run immediately
4. View background job results (successful job and correct results)
5. Select Role Level analysis (with same or any other user)
6. Enter same parameters as step 2 for analysis
7. Schedule background job to run immediately
8. View background job results (successful job, but the error message: u2018Failed to display resultu2019, instead of seeing the CC reports)
I believe the error is somewhere in the running of a job with the same parameters (Same Role and same Report Type). If I delete the previous jobs from the background history that have the parameters Iu2019m using and try the analysis again, a third time, with the same parameters as before, it will run successfully and display the correct results.
Is this normal and acceptable operation for CC5.2 SP9?
Is there a configuration change that would allow a job to be run in the background multiple times with the correct CC results?
Is there a fix for this issue in a later support pack or with upgrade to 5.3? -
Does Compliance Calibrator come installed with CRM 2007
We will be installing CRM 2007 in May and I need to know if Compliance Calibrator is installed as part of the application. Currently we are running CC 3.0 in R/3, HR and BW. If the new version is part of CRM 2007 then we need to upgrade to the newest version. I also need to know if the CC is not part of CRM 2007, will CC 3.0 technically work in CRM 2007.
Hi, thanks for your replies,
Our SP is uptodate,
Note 1120400 is obsolete we have CRM 6 SP2 and our patch level is 15.
Besides we have a delta between tables entries:
USOBX => 103.391
USOBX_C => 103.389
and
USOBT => 43.785
USOBT_C => 43.769
Do these tables have the same number of entries in your system? What could be the impact of this delta?
Thanks,
Aldo -
Is Compliance Calibrator the same as GRC Access Control?
I have been asked to look at<b> Compliance Calibrator </b>and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "<b>SAP GRC Access Control</b>" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called <b>Access Enforcer</b> but have no info on this... can anyone enlighten me?SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.
-
Custom report on Compliance Calibrator Job scheduler
Currently in compliance calibrator it is not possible for a user to view the status, success or otherwise, of another users scheduled job or sync unless granting that user full administrator rights.
Please advise if it's possible to expose the underlying scheduled job table for a given system via a custom built static html web page. Can you advise of the table that results would need to be displayed from and whether there would be any drawbacks of this approach, or if others have somehow solved this problem with another solution, please share?!
What are SAP's timeframe's for finer grained security in CC?below are the tables used for CC:
VIRSA_CC_ACTRULE SAPSR3DB
VIRSA_CC_ACTRULHDR SAPSR3DB
VIRSA_CC_ACTVL SAPSR3DB
VIRSA_CC_ADMIN SAPSR3DB
VIRSA_CC_ALLASTRUN SAPSR3DB
VIRSA_CC_ALLISTDTL SAPSR3DB
VIRSA_CC_ALLISTHDR SAPSR3DB
VIRSA_CC_ALTCDLOG SAPSR3DB
VIRSA_CC_AUTHHT SAPSR3DB
VIRSA_CC_AUTHMAP SAPSR3DB
VIRSA_CC_BKGINP SAPSR3DB
VIRSA_CC_BUAPPVR SAPSR3DB
VIRSA_CC_BUMONITOR SAPSR3DB
VIRSA_CC_BUSPRC SAPSR3DB
VIRSA_CC_BUSPRCT SAPSR3DB
VIRSA_CC_BUSUNIT SAPSR3DB
VIRSA_CC_BUSUNITT SAPSR3DB
VIRSA_CC_CDHDR SAPSR3DB
VIRSA_CC_CDPOS SAPSR3DB
VIRSA_CC_CGROUP SAPSR3DB
VIRSA_CC_CONFIG SAPSR3DB
VIRSA_CC_CRACT SAPSR3DB
VIRSA_CC_CRACTT SAPSR3DB
VIRSA_CC_CRACTVL SAPSR3DB
VIRSA_CC_CRPRM SAPSR3DB
VIRSA_CC_CRPRMVL SAPSR3DB
VIRSA_CC_CRPROF SAPSR3DB
VIRSA_CC_CRPROFT SAPSR3DB
VIRSA_CC_CRROLE SAPSR3DB
VIRSA_CC_CRROLET SAPSR3DB
VIRSA_CC_CRROLEVL SAPSR3DB
VIRSA_CC_DATAEXD SAPSR3DB
VIRSA_CC_DETDESC SAPSR3DB
VIRSA_CC_FLDMAP SAPSR3DB
VIRSA_CC_FUNC SAPSR3DB
VIRSA_CC_FUNCACT SAPSR3DB
VIRSA_CC_FUNCBP SAPSR3DB
VIRSA_CC_FUNCPRM SAPSR3DB
VIRSA_CC_FUNCSYS SAPSR3DB
VIRSA_CC_FUNCT SAPSR3DB
VIRSA_CC_GENACT SAPSR3DB
VIRSA_CC_GENOBJ SAPSR3DB
VIRSA_CC_GENOBJT SAPSR3DB
VIRSA_CC_GENPRM SAPSR3DB
VIRSA_CC_GENUSR SAPSR3DB
VIRSA_CC_GPRMLIST SAPSR3DB
VIRSA_CC_GSEQ SAPSR3DB
VIRSA_CC_JOBHST SAPSR3DB
VIRSA_CC_LASTRUN SAPSR3DB
VIRSA_CC_LOCKTABLE SAPSR3DB
VIRSA_CC_LSYSGRP SAPSR3DB
VIRSA_CC_MGALERTS SAPSR3DB
VIRSA_CC_MGCRTR SAPSR3DB
VIRSA_CC_MGMTBU SAPSR3DB
VIRSA_CC_MGMTTOT SAPSR3DB
VIRSA_CC_MGRISKD SAPSR3DB
VIRSA_CC_MGRISKS SAPSR3DB
VIRSA_CC_MICCTLDTL SAPSR3DB
VIRSA_CC_MICCTLDTT SAPSR3DB
VIRSA_CC_MICEXLOG SAPSR3DB
VIRSA_CC_MICORGDTL SAPSR3DB
VIRSA_CC_MICORGDTT SAPSR3DB
VIRSA_CC_MICPRCDTL SAPSR3DB
VIRSA_CC_MICPRCDTT SAPSR3DB
VIRSA_CC_MICRMAP SAPSR3DB
VIRSA_CC_MICUMAP SAPSR3DB
VIRSA_CC_MITHROBJ SAPSR3DB
VIRSA_CC_MITMON SAPSR3DB
VIRSA_CC_MITPROF SAPSR3DB
VIRSA_CC_MITREF SAPSR3DB
VIRSA_CC_MITREFT SAPSR3DB
VIRSA_CC_MITRISK SAPSR3DB
VIRSA_CC_MITROLE SAPSR3DB
VIRSA_CC_MITRPT SAPSR3DB
VIRSA_CC_MITUSER SAPSR3DB
VIRSA_CC_MITUSRORG SAPSR3DB
VIRSA_CC_MONAPV SAPSR3DB
VIRSA_CC_MSG SAPSR3DB
VIRSA_CC_MSGPRMS SAPSR3DB
VIRSA_CC_MSGTYP SAPSR3DB
VIRSA_CC_OBJTEXT SAPSR3DB
VIRSA_CC_ORGRULE SAPSR3DB
VIRSA_CC_ORGRULEM SAPSR3DB
VIRSA_CC_ORGRULET SAPSR3DB
VIRSA_CC_ORGUSERS SAPSR3DB
VIRSA_CC_PRMRULE SAPSR3DB
VIRSA_CC_PRMVL SAPSR3DB
VIRSA_CC_RISK SAPSR3DB
VIRSA_CC_RISKFUNC SAPSR3DB
VIRSA_CC_RISKOWN SAPSR3DB
VIRSA_CC_RISKRS SAPSR3DB
VIRSA_CC_RISKT SAPSR3DB
VIRSA_CC_ROLEVL SAPSR3DB
VIRSA_CC_RTMAP SAPSR3DB
VIRSA_CC_RULESET SAPSR3DB
VIRSA_CC_RULESETT SAPSR3DB
VIRSA_CC_SAPOBJ SAPSR3DB
VIRSA_CC_SCHEDULER SAPSR3DB
VIRSA_CC_SUPP_DET SAPSR3DB
VIRSA_CC_SUPP_HDR SAPSR3DB
VIRSA_CC_SUPP_TEXT SAPSR3DB
VIRSA_CC_SYSCRACT SAPSR3DB
VIRSA_CC_SYSHMAP SAPSR3DB
VIRSA_CC_SYSRULE SAPSR3DB
VIRSA_CC_SYSSAPOBJ SAPSR3DB
VIRSA_CC_SYSTEM SAPSR3DB
VIRSA_CC_SYSTEMC SAPSR3DB
VIRSA_CC_SYSTEMT SAPSR3DB
VIRSA_CC_SYSUSR SAPSR3DB
VIRSA_CC_TEXTKEY SAPSR3DB
VIRSA_CC_THREAD SAPSR3DB
VIRSA_CC_USRMAP SAPSR3DB
VIRSA_CC_VARIANT SAPSR3DB
VIRSA_CC_VARVAL SAPSR3DB
VIRSA_CC_WFOBJ SAPSR3DB
VIRSA_CC_XSRULEMAP SAPSR3DB
VIRSA_CC_XSYSGRP SAPSR3DB
You can go and check which one contains the scheduling info (VIRSA_CC_SCHEDULER ??)
Hope this helps -
Compliance Calibrator: Background jobs didn't bring in the correct data.
Hi Gurus;
In Compliance Calibrator; background jobs were last run on 5/27/09 but the management report shows that the summary is as of 5/20/09. That should have been updated uptill 5/27/09 and the new number of conflicts should have come up, which it didn't. What can be the problem?
Thanking you;
RajaHi Harleen;
This job was actually set by the client. So when I went to check the parameters of the jobs, I found that the field MGR_ANALYSIS consists of Field value "N". Does this mean that the Management Analysis box was not ticked when this job was scheduled?
Regards;
Raja -
Custom Risks in Compliance Calibrator?
Hello,
Can someone please verify this process for me?
My understanding is that once you create and configure a custom risk in Compliance Calibrator 5.2, you simply click generate and can then immediately run a risk analysis using the new custom risk.
Is there any kind of a background job required to synchronise the new custom rule prior to running a risks analysis or any steps that I'm missing?
Thanks your help is much appreciated,Hi Adamo,
This is the exact process you need to follow. Once you create main risk and generate rules, you should be able to see the risk in CC. Have you enabled the particular risk? You can go to informer and try to run a simulation or ad-hoc analysis on that particular risk.
Regards,
Alpesh -
How to add my own iview in Compliance Calibrator
Hi Experts,
can plaese tell me how to add my own iview in Compliance Calibrator 5.1.Anubha,
If you are trying to add an iview or URL to Compliance Calibrator you have to login as an administrator go into the configuration tab, and go to Custom tabs toward the bottom of the left screen. Here you can add custom URL links that will appear as tabs in Compliance Calibrator.
Hope this helps
Gabe -
Compliance Calibrator SOD Conflict (FI01 and FB05)
I was hoping that someone could provide some insight as to why the "FI01 - Create Bank" and "FI02 - Change Bank" transactions would create a risk (in Compliance Calibrator) when coupled in the same security role with the "FB05 - Post with Clearing" transaction. The risk description given by Compliance Calibrator is "Maintain bank account and post a payment from it".
The FI01 and FI02 t-codes appear to only create/change routing numbers or addresses for banks. There is no ability to create or change an actual bank account. This alone doesn't seem to create a conflict when coupled with a posting transaction. Is there possibly some functionality that I am missing?Hi Joshua,
I strongly agree with you that there is no SOD conflict technically with FI01, FI02 with FB05 although the wording of the SOD conflict in a business sense meaning Maintain Bank Accounts vs Posting Payments sounds more like a Conflict.
I dont see by anyway how you can maintain actual bank account in either FI01, FI02.
FI01 and FI02 - Maintain Bank Info like Bank Address, Bank Key and soforth.
FB05 - Make Payments to various accounts.
Regards,
Kiran Kandepalli. -
Compliance Calibrator v.4.0 Installation Guide?
Does anyone have a Compliance Calibrator v.4.0 Installation Guide? I cannot find one on SAP Service Marketplace.
I have found a Security Guide, User Guide Supplement, User Guide, but no installation guide.
Thank you!Hi there,
I have the guide, and I can give it to you.
Reach out to me at [email protected] and I'll get it to you.
Thanks,
Santosh -
SAP GRC 5.2 Compliance Calibrator rule sets for HR module
HI All,
The company i am working for has done installation of GRC 5.2. I would like to download the SAP out of box Compliance Calibrator rule sets for HR function module in a spreadsheet format.
I would like to download the rule set for risks at Function level, Tcode level and also at authorization object level in ABAP and Roles, actions and permissions in JAVA.
I will discuss with the BPAs, internal auditors and come up with a new rule set exclusively for my company needs with the help of the above spreadhseet.
Please tell me what steps i need to do to get this thing done.Please go through the process but save these as txt files for UNIX. I am not sure about 5.2 but CC4 was not uploading rule files correctly if file was not saved for TXT for UNIX.
Regards,
Harry Sidhu
Maybe you are looking for
-
Raid configuration -- the elusive best practice/best value framework
After much research on RAID, both on and off the Apple site, I am still looking for answers. I searched RAID threads for thoughts on some of the top users in the Forum so I apologize, I am sure some of this seems old hat to you old Pros. I just bough
-
hi After operation release and production order is tired to save, The system creates a short dump and status is not get updated. The short dump shows the error in program line which the system is not able to find data in JEST_UPD However the table co
-
Regarding Workflow 2.6.2 backup/migration/import/export
hi folks. i m quite amazed that this forum does not provide any answer to the question of taking backup of workflow 2.6.2 or import/export of owf_mgr schema. if one cannot take backup how this oracle workflow is stable. how this product is suitable f
-
Function module to get Presentation server's directory on F4
Hi, Kindly tell me the Function Module to be used in the Selection screen parameter to get the "Local PC's Directory path". I need only Directory path, because program will generate the file and send that into the selected directory. Saurabh Garg
-
FB 1.6: Following Notification Threads... No way to do it!
1) Using my computer, I logged in to Facebook via my web browser and posted a comment on a friend's photo. 2) A second friend commented on my photo comment. 3) Facebook sent a Notification message to my Blackberry 8900. 4) I read the message, which s