Quantcast
Channel: SCN: Message List - Governance, Risk and Compliance (SAP GRC)
Viewing all 8113 articles
Browse latest View live

Update on Q4, 2012 GRC Rules update - SAP Note 1809810

June 4, 2013, 5:19 am
$
0
0

Q4, 2012 ruleset update done under SAP Note 1809810 was originally targeted under SP12 of GRC 10.0. However, this has been analyzed that these changes were not delivered in specified BC Sets due to some Technical/Packaging issues.

 

So now, these are targeted in SP13 of GRC 10.0 again. So below BC Sets which are mentioned under this note 1809810 will be updated in SP13 of GRC 10.0 with latest rules changes.

 

GRAC_RA_RULESET_SAP_BASIS

GRAC_RA_RULESET_SAP_R3

GRAC_RA_RULESET_SAP_NHR

 

Customer who are using SAP delivered ruleset + doing their customization also, would already have done the update manually using the instructions mentioned under this note 1809810.

 

Customers who are ONLY using SAP delivered standard ruleset and not doing any kind of customizations in their rules and if they cannot wait till SP13 release and require updated txt files to upload into their system manually, please raise a CSS ticket under GRC-SAC-ARA and ask for latest files.

 

You can give the reference of this Thread in CSS message.

 

Thanks & Regards

Neeraj Manocha

Search

Re: Unable to submit new user creation request -LDAP issue

June 4, 2013, 5:41 am
$
0
0

Mohana,

Are you certain that you added the all entries for your field mapping to bring in that data from the LDAP? The source fields must be mapped to the target system fields.

REF:

SPRO> SAP Reference IMG> Governance risk and compliance> Access Control> Maintain mapping for Actions and connector groups

 

Gretchen

Re: GRC10: Role Owner not able to approve/reject roles

June 4, 2013, 6:19 am
$
0
0

Hi All,

 

Can anyone please help me in resolving this issue please ?

 

Regards,

Salman

Re: Unable to submit new user creation request -LDAP issue

June 4, 2013, 6:40 am
$
0
0

Hi Gretchen,

 

I'm also having the same issue. I checked the  Maintain mapping for Actions and connector groups are currently setted as in the screenshots. Please advise if something else need to be corrected ?Ldap Connector.pngLdap Mapping Actions1.pngLdap Mapping Actions2.pngLdap Mapping Actions3.pngLdap Mapping Actions4.png

Re: GRC AC 10.0 EAM : FireFighter ID Not Visible

June 4, 2013, 1:09 am
$
0
0

Hi Nathan,

 

Yes you were correct it turned out to be an authorisation issue to do with one of the auth objects and the correct value. I assigned SAP_ALL and found out that the launchpad was visible, therefore indicating that it had to be an auth issue so did further investigation from there and rectified it.

 

Cheer mate and thanks to everyone for responding to this.

 

 

PS: Diego, yes you were right too....your message seemed to have got tangled up between all the other messages but you did beat Nathan to it but for some reason I only saw Nathan's message? So thanks to you too

 

Paul

Re: GTS Questions

June 5, 2013, 3:06 am
$
0
0

Hello Olympia,

short answers to your questions:

1) Yes, of course.

2) That depends. We didn't set it to bypass compliance-check, if GTS is found not responding (which didn't happen in 9 years). But this is possibel. The problem is: Users are not aware of GTS being inactive. Their sales process is free and no blocks occur. Best would be to program a pop-Up, when GTS is found inactive.

3) No. Why should they? GTS is not a MDM-system.

4) The effect this makes is not clear for me. I always use organizations for setting up organizational elements like FtOrg, Customs offices, a.s.o.

Re: creating Custom ruleset in GRC 10.0 using custom rules in VIRSA 4.0

June 5, 2013, 3:12 am
$
0
0

Hi Parag,

 

Find this table VIRSA_CC_FUNCPRM  in your downloaded rule set from previous version and customize as per your requirement .

 

Prepare and upload as per below format.

 

 

FUNCTIDACTIONSVSYSKEY(System name)AUTHTREEFROMVALTOVALSEARCHTYPESTATUS
ZAP01F-58xxxxxF_BKPF_BUKACTVT0101AND1
ZAP01F-58xxxxxF_BKPF_BUKACTVT0303AND1
ZAP01F-58xxxxxF_BKPF_BUKBUKRS$BUKRS$BUKRSAND1
ZAP01F-58xxxxxxF_BKPF_BUPBRGRUAND1
ZAP01F-58xxxxxxF_BKPF_GSBACTVT0101AND1

 

 

You can use above format as temples.if you have any questions please let me know.

 

thanks in advance for points.

 

Regards,

Suresh

Re: Role Reaffirm in GRC10

June 5, 2013, 4:27 am
$
0
0

Hi Luciana,

 

I implemented note 1528895 and followed your steps described above, but unfortunately it still says "No records found".

 

Btw 'Access management > Role Mining > Role Re-affirm'  doesn't exist for me.

"Role Reaffirm" is only under 'Access management > Role Management'.

 

???

Search

Re: Customizing Menus GRC

June 5, 2013, 4:49 am
$
0
0

Hi John,

 

Please check the SAP notes -1576494 and 1635932.

Hope they help.

 

Regards,

Silky

GRC 10: Available Connectors in Dash Board Reports

June 5, 2013, 6:39 am

Deleting Roles in NWBC

June 5, 2013, 6:59 am
$
0
0

We are running GRC 10. We want to delete some imported roles. We get prompted to Delete from Front or to delete from Backend also. What is the difference in this? We don't want delete roles from satellite systems.

Query Jco Connections RAR

June 5, 2013, 7:15 am
$
0
0

Quick question. We are using RAR and CUP and are on GRC 5.3.

 

I can see three MODEL and 3 METADATA JCO's for SAP_HR Backend systems. From the installation guide, I gather this means i can connect to 3 SAP_HR Backend systems.

 

In our system, all the 3 SAP_HR MODEL and METADATA are connecting to same system and client.   If I need to add one more client from the same backend system, can i change 1 METADATA and 1 MODEL Jco and have it point to new client.   If so, does it follow a certain sequence i..e VIRSAHR_MODEL then VIRSAHR_01_MODEL and finally VIRSAHR_02_MODEL.    Since all the SAP_HR Jco's are pointed to same backend system and client, I am wondering which JCO the existing connector is using.   I'd like to use one of the other JCO's without touching the current active JCO connection. Can any one advise.

 

I will then be able to create connectors in CUP and RAR and use logical systems if need be.

 

Regards

Kalyan

Re: Deleting Roles in NWBC

June 5, 2013, 8:04 am
$
0
0

Joshua:

 

if you want to delete just from SAP Access Control, then delete only from the Front End (NWBC).  Deleting from both would remove it from the Back End (Target) systems as well.

 

so in the case of your screen snipit, click NO only to delete from Front End.

 

Please mark question if this answered your question

 

Thanks,

Kevin Tucholke

Connectors for RAR

June 5, 2013, 8:36 am
$
0
0

Hi !

 

I want to create new connectors in RAR for backend systems...

At the moment, I see 3 JCO Destinations: <system name>_<SID>_00

 

Hence, I've created 3 connectors for these 3 systems...

 

I've read on SDN that SAP NW converts the VIRSA* JCo's to these names...so can I use the Non HR  <system name>_<SID>_00 JCo for other non HR systems too......like using the CRM system name JCo for the BW & GTS system ?

 

Please advise...

 

Thanks a lot.

Saba.

AC 10.0 Mitigate Risk - Default Mitigating Control issue

June 5, 2013, 8:56 am
$
0
0

Hi,

 

In our AC 10.0 testing, we are seeing that when we run Risk Analysis (User Level) and click the "Mitigate Risk" button to mitigate the conflict, AC 10.0 is pulling in a default Mitigating Control into the "Control ID" field. We do not want it to pull in a Control by default. We have several controls per Risk ID that pertain to different countries or regions. AC 10.0 appears to be pulling in the first one from the list, which is often the incorrect one. Obviously we can still search for the correct Control but this default bevahior will cause confusion for our Mitigators. We want the tool to force them to select from a list.

 

At the Mitigation screen, is there a way to turn off the feature of auto-populating the Control ID field?

 

Thanks!

 

Jes

Search

Re: GRC 10: Available Connectors in Dash Board Reports

June 6, 2013, 12:56 am
$
0
0

HI GRC Consultant,

 

The answer to your question is no.Both the connectors will be displayed in the dashboard.

 

Though you might be able to restrict the users to specific connectors.

 

Thanks

Japneet Singh

Re: SoD Pie Chart shows 0 violations

June 6, 2013, 1:05 am
$
0
0

Hi Darie,

 

Please check if you have the entries for the connector in the table GRACMGRISKD?. If the entries in the table does not exist, Please run the batch risk analysis job for the specific connector.

 

Thanks & Regards

Japneet singh 

Access Control - End User Screen Personalization

June 6, 2013, 4:25 am
$
0
0

HI Gurus,

 

I need to custamize the default end user screen.

 

'Company' Field in the User details tab should move to the main screen of the Request Details.

 

Pl find the screen shot

screen.jpg 

Thanks,

Sriram

GRC10: Package GRAC_OIF_REQUEST_APPROVAL Access Request Approval Application

June 6, 2013, 6:45 am
$
0
0

Hi Experts,

 

I'm having an issue where the Role Owner page for approving roles is not been displayed completely. I did a test on the package GRAC_ACCESS_REQUEST -> Web Dynpro Applications -> GRAC_OIF_REQUEST_APPROVAL (Access Request Approval Application) ->TEST -> Form is not complete.

 

For example, Can't see the Request details and Attachments Preview. Please see the screenshot of the page for Role Owner Access Request form.Role Owner Screen.png

 

Please guide me if I need to activate anything else.

 

Regards,

Salman

Re: Deleting Roles in NWBC

June 6, 2013, 10:56 am
$
0
0

Thank you for the information on this.

Viewing all 8113 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>