Quantcast
Channel: SCN : All Content - Governance, Risk and Compliance (SAP GRC)
Viewing all 5097 articles
Browse latest View live

GRC SP10 - There is already an open request for system*

$
0
0

Hi,

 

We have just upped our support pack to 10. I have run into an issue when submitting a change
user account from ARQ.
I get the following error > There is already an open request for system DEV for MBUTTON. I get this error on submission

 

Has anyone encountered an issue like this before ?

 

Regards, Melvin


GRC CUP 10.0 Change User Validity Date Update

$
0
0

Team,

 

I am trying to update an SAP ECC user account validity date within SU01 "Logon Data" tab through CUP in GRC when making a "Change Account" request.  Currently, I'm selecting ECC as the target connector within the request form and selecting the desired validity dates within the respective row.  Upon submitting the request, this is not provisioning to ECC SU01 "Logon Data" tab.  If I update the role validity dates with the "Retain" option selected in a change user access request, these updates are made successfully in the roles tab in ECC SU01.  I have users with over 40+ roles and it is much more convenient to update the SAP user account end date rather than at the role level.

 

We are currently on Service Pack 9 and I am unable to find any SAP notes applicable to our environment.  Has anyone ran into this issue before or have any thoughts on where else to troubleshoot?

 

Thanks in advance for your help.

Plan version current plan was set

$
0
0

Hi Community,

in our GRC-Development system we have the following problem with the component EAM.

While trying to login to a target system, we are receiving an unknown error "Plan version current plan was set". SAP Note 1769547, which refers to a Kernel update, was applied, but same error occurs.

Can anybody please help?


GRC SP 12; kernel level is 425 (highest available); kernel 7.20 64-bit Unicode.

GRC V10 Co-existence Issue

$
0
0

I have a customer that I am working with that has both HR and NH versions of the 5.3 RTA installed on their backend!  They want to install V10 in co-existence mode while we are configuring V10, but... I don't know which V10  plug-in, GRCPINW or GRCPIERP, to install?

Can we uninstall the 5.3 HR version?  The installation guide is pretty specific that it can't be done but this community is very creative!

As usual, any help would be appreciated.

GRC AC 10 SP12 - Role Risk Analysis returning no violations when there are violations

$
0
0

Hello

 

We recently encountered an issue with the role risk analysis returning "no violations" when there is indeed violations. It will pick up the violations when the risk analysis is run within an access request but not when you run it ad hoc. We have re-run all our syncs, re-generated the rule sets and validated they are populated in the NWBC repository but the issue has not been resolved.

 

I've included a few screen shots of an analysis being perforned on the role administrator which would definitely return violations yet no violations are found.

 

Any help would be appreciated.

HR Organizational Assignment Request

$
0
0

Hello Experts,

 

We are currently implementing position based security and were looking to use GRC 10's Org Assignment request to approve access to positions. We are using SAP GRC 10 SP11. I had some questions regarding the approval workflow:

 

1) Is it possible to set the approver as the role owner? We have tried mapping roles who have owners to positions, however, when we submit the request it does not seem to recognize the role as input and goes on directly to our security detour stage. Is there any way to fix this problem?

RoleOwnerApproval.PNG

 

2) We have another problem, when the ZGRAC_SEC_DETOUR is taken, or when you assign a direct approver for this path, missing user detail error occurs when trying to approve the request. It is as though because we are using the SAP_GRAC_ACCESS_REQUEST MSMP Process ID for HR org assignment request, that the system is expecting user details to exist as part of the request even though this does not really apply to the type of request and is not even part of the request template. The error looks like this:

UserDetailsError.PNG

 

I have also tried to create an initor rule using SAP_GRAC_ACCESS_REQUEST_HR, it takes the connector as input. I can simulate the rule in BRF+ and it gives the correct result "ZROLE_OWN_APRV" which is what I have mapped in MSMP, however when I try to submit the request it gives me a "cannot resolve path" error (as a side note, SLG1 does not give me any further information). Again, your help is much appreciated.

 

msmP WORKFLOW.PNGinit error.PNG

Execute the Job Immediately in Legacy Automated Monitoring

$
0
0

Hi All,

 

I have scheduled a Job in Legacy Automated Monitoring(SAP GRC PC10.0) , where the Frequency set is "Daily".

Is there an option/Program using which we can execute the Job immediately?

 

Thanks in Advance,

 

Regards,

Ramakrishna Chaitanya.

Risk terminator shows warning message (user does not have risks)

$
0
0

Hi,

We are on GRC AC Sp10, recently implemented Risk terminator.

 

It was successful during a role assignment with risks.

 

It was failed during a role assignment without risks.in this case, Risk terminator giving warning message "user assignment  is causing  access risk violations"

it should not show this message when we don't have risk violations.

 

Any help.

 

Thanks

Mohan


Change history in GRC 10 AC

$
0
0

Hi all,

 

I am very confusing, where should i found the change history of all activities in GRC 10 AC,

 

I have seen Change log in two sections,

 

  1. 1. Goto -> Reports and Analytics -->Access Management -->Change Log Report.

 

and second one

 

  1. 2.Goto -> Reports and Analytics -->Audit Reports-->Change Log Report.

 

 

So i used above two ways but i didn’t find any change log ..

 

Test scenario.

 

  1. 1. Mitigated one user and then removed from mitigation assignment.

 

In this case there is no change history available in the system

 

  1. 2. Mitigated One Role ,changed control monitor and then removed from mitigation assignment.

 

In this case there is no change history available in the system.

 

in the both the above cases i didn't find the change history.

 

Please help me regarding this .

 

is there any config required or any way to find the change history of all the activities in GRC 10 AC

 

thanks in advance.

Suresh

Role import error in GRC 10.0

$
0
0

Hi Team,

 

We are trying to import the role in to GRC application but it ended with error.

 

Error is:Long text failed

 

We are on GRC 10.0 SP09.

 

Please help us resolve this issue.

 

Regards,

Sudha M

GRC 5.3 CUP - Duplication of notification e-mails

$
0
0

Dear All,

 

  1. We recently upgraded to SP 19 patch 7 and GRC 5.3 started sending mutiple e-mails notification.
  2. Tried using IP address for the SMTP server but having the same issue.
  3. Check table VIRSA_AE_EMLLOG but don't seem to find any duplicate entries.

 

Has anyone encounter the same issue before? Please advise.

 

Thank you

Jacky

Mitigating Controls in GRC10

$
0
0

Hi,

 

Is their a way we can maintain and update mitigating controls on GRC (GUI) back-end.UI can't be able to find those i created and migrated. Any ideas?

 

Regards, Melvin

GRC 10: User/Role Risk Analysis shows no results after implementation of SP8

$
0
0

We have upgraded from GRC 10 AC SP7 to SP8 and now when we run user violation report it returns with only the username ID. There is no Risk Description - Action etc. Please see below:

Selections:

Selections.JPG

Results:

Results.JPG

We have have generated the rules & ran a full sync but still same error. This worked before when we were on SP7.

Have any of you experienced this problem.

Your Help will be appreciated.

Kind Regards

Faizel

GRC AC 10: RAR - no analysis results

$
0
0

Hello,

 

i configured my system accoring the configuration guides.

But when I start e.g.  Access Risk Analysis for User Level/Role Level/Profile Level... no output data will be displayed!?

 

i ran all the Sync Jobs and SLG1 doesn't give me any errors.

 

FF and PSS both works fine.

 

FYI: Also in Business Role Management (BRM) no roles are displayed... maybe these two issues could be caused by the same problem?!

 

Thank you in advance

 

regards

Edgar

Workflow Approvers

$
0
0

Hi Experts

 

Few questions if you can help

 

1: Before implementing Access Request Management do we have to implement Role Management. I Activated BC Sets for Workflow GRC_MSMP_CONFIGURATION and when go to Access Reuest to create a request, it does not find any roles.

 

2. When any workflow created e.g; Function Maintenance, where does request goes to. Where do we specify name of person who would Approve it. Is it in BRF+. I changed Function and clicked on Submit and it says request submitted. Should it come in MyHome/Work Inbox (I think yes). How can I see that request as an administrator. When I go to SBWP and in Outbox under Started workflow, I can see that request. How can I approve it.

 

3. Our GRC system not connected with HR or LDAP. So how does GRC would know user/manager relationship

 

I will appreciate your help greatly.

 

Regards

Masood


GRC AC10.0 SP12 - Ad hoc ARA is not showing violations

$
0
0

Dear Experts,

 

I am facing an issue in ARA.

 

When I input user Id, Connector and execute, I am getting empty results screen.

 

Where in when I give Access Risk Id = B* or S* etc... I am getting the access violation.

 

May I know what could be the reason for this?

 

GRCFNDA SP12

GRCPINW SP12

GRCPIERP SP12

 

Regards,

Sumanth

Role Based Firefighter log report

$
0
0

HI GRC Experts,

 

I have configured role based firfighter in GRC AC 10.0

 

Created a firefighter role in and assigned to an user using ARM.

 

User then login to the backend system and used the Firefighter transactions.

 

Then updated the firefighter log sync.

 

But the log in not updated.

 

role based firefighetr.jpg

 

Thanks,

Sriram

Redirect URL for CUP with SSO

Does GRC Access Control 5.3 run on Netweaver 7.31?

$
0
0

Hi,

We have a GRC Access Controls 5.3 system running on a NW 7.02 system. For various reasons, we want to upgrade from 7.02 to 7.31.

 

Does GRC-AC 5.3 run on NW 7.31? The PAM for GRC-AC shows the supported Add-on platform versions, but is not clear on which NW versions that the GRC-AC system itself will run on.

 

Regards,
Richard.

GRC AC 10 SP12 - Role Risk Analysis returning no violations when there are violations

$
0
0

Hello

 

We recently encountered an issue with the role risk analysis returning "no violations" when there is indeed violations. It will pick up the violations when the risk analysis is run within an access request but not when you run it ad hoc. We have re-run all our syncs, re-generated the rule sets and validated they are populated in the NWBC repository but the issue has not been resolved.

 

I've included a few screen shots of an analysis being perforned on the role administrator which would definitely return violations yet no violations are found.

 

Any help would be appreciated.

Viewing all 5097 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>