Quantcast
Channel: SCN : All Content - Governance, Risk and Compliance (SAP GRC)
Viewing all 5097 articles
Browse latest View live

BRM vs AGR_1251 Entries

December 16, 2014, 6:31 am
$
0
0

Hi Everyone,

 

Today our customer reported a Issue while they came across while using BRM.

 

Example Scenario:

 

 

 

I have created a role in backend directly. Added a Tcode which included objects with Org.Level fields and generated the role in backend. Below are my AGR_1251 table entries.

 

100.png

 

I have created a similar role from BRM. Added a Tcode which included objects with Org.Level fields and generated the role in BRM.Below are my AGR_1251 table entries.

 

200.png


Basically I wanted to understand why there is difference in AGR_1251 table entries depending on generation from backend or through BRM.

 

I have maintained $BUKRS value as 1000 in role.

 

Someone please share details if you know about this issue.

 

~ Madan

Search

GRC 10.0 with SAP PI 7.4 Java only

December 16, 2014, 10:08 am
$
0
0

Hi,

 

Did anyone connect GRC 10.0 with SAP PI 7.4 Java only installation? Need some document or information on this.

 

Regards.

Alert Generation email format for Critical risk id's

December 16, 2014, 8:38 am
$
0
0

Hi Gurus,

 

We have configured Alert Generation for our High risk id's/t-codes. The alert contains useful information, but it's formatted oddly and is hard to read. Do we have any control over the email template formatting to make it easier to read?

 

Capture1.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Regards,

Salman

PC 10 Ad hoc issues - delete

December 11, 2012, 7:48 am
$
0
0

Has anybody had experience deleting ad hoc issues and associated workflow.  I asume this would be done using the transaction to delete cases and workflows, but do you know if they are any consequences of doing this?

Short dump "TABLE_INVALID_INDEX" with Model user request

December 16, 2014, 1:11 pm
$
0
0

Hello,

I am just facing an issue with the Model User Functionality

We are on GRC 10,1 SP7 with SAP Netweaver 740:

when modeling an user, everyting seems to work fine (user details, roles are picked, etc.)

However during the verification step of the assigned roles the system creates an short dump

 

 

runtime error        TABLE_INVALID_INDEX

Web-Dynpro-Component   GRAC_UIBB_ACCESS_REQUEST

ABAP program         /1BCWDY/0O2TMQLGMM08OTGM4VNM==CP

 

 

source code extract:

 

 

  6351             endif.

  6352             clear ls_valid_to.

  6353             lv_counter = 1.

  6354

  6355             loop at wd_comp_controller->mt_item_valid_to into ls_valid_to .

  6356                 if ls_valid_to-item_id eq lv_item_id .

  6357                   ls_valid_to-valid_to = lv_valid_to.

  6358                   modify    wd_comp_controller->mt_item_valid_to from ls_valid_to index

>>>>>                   exit.

  6360                 endif.

  6361             add 1 to lv_counter.

  6362             endloop.

  6363

  6364           endif.

  6365         endif.

  6366

  6367

 

For me this short dump looks more basis-related than GRC-related and so far I couldn't find anything in the SAP notes portal.

Has anyone of who encountered similar dumps ?

 

thank you

 

Johannes

Database Table GRFNMWCNAGNT - record not found

October 9, 2014, 4:55 am
$
0
0

Hello all,

 

we are in the process of GRC 10.0 implementation. Support Package level 05.

We are trying to generate some Process but we are still facing the same error.

 

Transaction: GRFNMW_GEN_VERSION, we get the following error :

 

Database Table GRFNMWCNAGNT - record not found (key: SAP_GRAC_MIT_CONTROL_MAINT/CONTROL_APPROVER)

Checking Definition of Agent 'CONTROL_APPROVER' (Process Type SSAP_GRAC_MIT_CONTROL_MAINT) ...

Agent ID 'CONTROL_APPROVER' is not for requested purpose 'Approval'; agent purpose = ''

 

 

Please can someone put some Light of this ?

 

Any suggestion will be very appreciated

 

Kind regard

Omar

PC10: trying to make Regulation as mandatory field during control setup

December 17, 2014, 11:03 am
$
0
0

Hi All,

 

Is there a way to make Regulation a mandatory field on Control creation screen in Process Control-

 

Central Control Level:

NWBC->Master Data->Activities and Processes->Business Processes

 

Local Control Level:

NWBC->Master Data->Organization->Assigning Subprocess with Controls (Allow local changes as Yes)

 

Thanks!!!

Abhishek

Default value for field Due Date at new Access Request

December 10, 2014, 12:43 pm
$
0
0

Hello Community,

 

Someone knows how can I change the default value for the Due Date field at an Access Request?

 

SDN2.jpg

 

If the user doesn´t provide a data GRC AC automatically fills it with the current date. Is there any manner to set a default value for this?

 

Thanks,

Pedro

Search

Submit button is greyed out while trying to approve the request via the link in the email notiifcation

December 17, 2014, 5:44 am
$
0
0

 

We have enabled the option Approve by Email in the stage of teh MSMP path. Also maintained the variable %LINK_APPROVE_REJECT% in the Notifcation template

FF log not going to Controller_urgent help required

December 9, 2014, 5:26 am
$
0
0

Dear Experts

 

We are on GRC10 SP13 and struggling with FF log review workflow which is not getting triggered even after several attempts.

 

I have tested (below listed)most of the thing but not sure what is missing:

 

1.parameter 4007 and 4009 set to yes, back ground jon spm-sync_update running every hour successfully.

2, MSMP workflow for log review configured correctly with notification setting in place at stage level. Generated at Production box again.

3. Wf-Batch user and Controller have email ids as master data.

 

I am really not sure what else i can check, Kindly help.

 

regards

Asheesh

FF logs deletion background program

December 9, 2014, 3:59 am
$
0
0

We would like to delete old FF logs from 2007 onwards, that's lying in the SAP tables unused and aim is to retain only a year's logs.

But for deleting even for one day's log the system is resulting in dump, as the maximum dialog workprocess runtime (prameter: rdisp/max_wprun_time) is set to 1800 seconds.(It's not feasible to set the value the parameter to a higher value as it would impact performance)

 

Procedure followed to delete the logs:


/n/VIRSA/VFAT --> Administration --> Archive --> Delete/Download Log --> Select from and to date --> Check Delete --> Execute.

 

We have already gone through the SAP notes below:

1041912 - Firefighter Best Practice Archiving Strategy
1228205 - Error when trying to execute Log Data Auto Archive utility
1598473 - Substantial growth of DBTABLOG table due to VIRSA-ZVFATBAK
1636952 - Option to choose an archive period for EAM log
1710740 - Archive tables /VIRSA/ZFFTNSLOG and /VIRSA/ZVIRFFLOG
1891124 - Archive tables /VIRSA/ZFFTNSLOG and /VIRSA/ZVIRFFLOG


Is there a program available to schedule deletion of the FF logs in the background ?
What other options can we opt? As we do not want all logs to be archived until today.

 

GRC 10.0;Service Pack :- 13

Where do we implement Firefighter User Exit

December 17, 2014, 2:48 pm
$
0
0

Hello,

 

Can anyone tell me where do we implement Firefighter User Exit in SAP. Is it GRC system or the Back-end system?

 

I am talking about SAP Note 1545511 (Firefighter User Exit)

GRC 10.1 EAM getting Incorrect Password at Firefighter Logon

December 17, 2014, 12:32 pm
$
0
0

Hi SCN community,

   Kind of an odd ball issue I am seeing in GRC 10.1's emergency access area.  We have one particular firefighter that is no longer allowing users to login as it through GRAC_EAM, while other firefighters work just fine.  The error we are getting is either:

Incorrect Name/Password

Too many failed attempts account locked

 

I have attempted:

Reset the password of/unlocked the firefighter account (both to a set value, and the generate password), closed SAP, and tried to logon as the firefighter again

Ran EAM Master Data Sync through SPRO on our GRC box

 

I do not see any errors in SLG1 or ST22 (both GRC and the plug in system, in this case our ECC environment) that line up with the time of my attempts of trying to logon as the firefighter.

 

Has anyone seen this happen before, and how did you fix it?  My next option im weighing is dropping the account and recreating it.

 

Thanks,

Josh

Map SCN Name automatically during ID Creation through GRC 10

November 4, 2014, 1:12 am
$
0
0

Hello All,

      We have implemented GRC 10 successfully and ID creation and provisioning is working fine. But now we want the SNC Name to get populated automatically(In a specific format) while the ID is created. Is there any way we can do this?

 

 

Thanks and Regards,

Mohamed Fazil

Alert Generation email format for Critical risk id's

December 16, 2014, 8:38 am
$
0
0

Hi Gurus,

 

We have configured Alert Generation for our High risk id's/t-codes. The alert contains useful information, but it's formatted oddly and is hard to read. Do we have any control over the email template formatting to make it easier to read?

 

Capture1.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Regards,

Salman

Search

Mitigation control ID field gets filled with some control ID

December 18, 2014, 4:59 am
$
0
0

We have a issue with the Control ID for mitigation getting filled with some value .We are not able to make the basis of these value being filled in while trying to mitigate the risk by the approver.

 

 

 

 

GRAC: Initiator based on Business role and System

December 18, 2014, 2:00 am
$
0
0

Hi all.

 

I need to create a Initiator BRF+ based on the System. The problem is we provide Business roles, and those ones does not contain System so i have no idea how to check the value of this field in order to create an initiator rule.

 

Any suggestion?

 

Kind regards and thank you.

 

Sara.

Short dump "TABLE_INVALID_INDEX" with Model user request

December 16, 2014, 1:11 pm
$
0
0

Hello,

I am just facing an issue with the Model User Functionality

We are on GRC 10,1 SP7 with SAP Netweaver 740:

when modeling an user, everyting seems to work fine (user details, roles are picked, etc.)

However during the verification step of the assigned roles the system creates an short dump

 

 

runtime error        TABLE_INVALID_INDEX

Web-Dynpro-Component   GRAC_UIBB_ACCESS_REQUEST

ABAP program         /1BCWDY/0O2TMQLGMM08OTGM4VNM==CP

 

 

source code extract:

 

 

  6351             endif.

  6352             clear ls_valid_to.

  6353             lv_counter = 1.

  6354

  6355             loop at wd_comp_controller->mt_item_valid_to into ls_valid_to .

  6356                 if ls_valid_to-item_id eq lv_item_id .

  6357                   ls_valid_to-valid_to = lv_valid_to.

  6358                   modify    wd_comp_controller->mt_item_valid_to from ls_valid_to index

>>>>>                   exit.

  6360                 endif.

  6361             add 1 to lv_counter.

  6362             endloop.

  6363

  6364           endif.

  6365         endif.

  6366

  6367

 

For me this short dump looks more basis-related than GRC-related and so far I couldn't find anything in the SAP notes portal.

Has anyone of who encountered similar dumps ?

 

thank you

 

Johannes

GRC at GERMAN bank

December 17, 2014, 10:12 pm
$
0
0

Dear Community,

 

I have to prepare a benchmark analysis and want to know if SAP GRC is already in use at a GERMAN bank like 'Deutsche Bank'.

If someone knows, please let me know which bank.

 

Thanks for your support in advance.

 

Kind Regards

Matthias

Sap BusinessObjects Access Control 10.0

April 19, 2011, 3:00 pm
$
0
0

A fragmented, reactive approach to managing access risk isn't just inefficient and costly - it's bad for business. The SAP BusinessObjects Access Control application can enable your business to confidently manage and reduce access risk across the enterprise by helping you prevent unauthorized access and achieve real-time visibility into access risk.


To learn more about SAP GRC solutions, please visit our product page, or go to the GRC area of BPX. We also invite you to learn more about SAP GRC Access Control 5.3.

 

 

Getting Started

GRC 10.0 Pre-Installation 
The presentation explains the new architecture and the necessary prerequisites for a successful installation of SAP BusinessObjects GRC 10.0 and guides the reader through the installation procedure of the software.

 

GRC 10.0 Post-Installation 
The presentation explains the necessary post-installation steps in SAP BusinessObjects GRC 10.0.

 

AC 10.0 Post-Installation  
The presentation covers the basic steps required for setting up SAP BusinessObjects GRC 10.0. For setting up specific functionality please refer to corresponding pre-implementation guide.

 

AC 10.0 - Installation Checklist 
This guide provides a checklist for your installation activities for the Access Control 10.0 application.

 

Access Risk Analysis

AC 10.0 Pre-Implementation From Post-Installation to First Risk Analysis
This document allows implementation consultants and administrators to setup the required functionality for running a user level risk analysis after the post-installation has been finished. This is by no means a comprehensive guide for setting up the Access Risk Analysis component, rather it allows testing the application is working properly by setting up a basic test case.

 

AC 10.0 - Enhanced Access Risk Analysis  
This document describes the major enhancements to the access risk analysis capability of GRC, including end user customization and personalization. It covers how to navigate through the different reports, and also about new functionality such as new bulk maintenance, automation, audit trail, and mitigation options.

 

Emergency Access

AC 10.0 Pre-Implementation From Post-Installation to First Emergency Access 
This document allows implementation consultants and administrators to setup the required functionality for running an emergency access (firefighter) session after the post-installation has been finished. This is by no means a comprehensive guide for setting up the Emergency Access Management component, rather it allows testing the application is working properly by setting up a basic test case.

 

AC 10.0 - Centralized Emergency Access 
This document is a detailed guide on the emergency access capability of Access Control 10.0. It explains the basic concepts about emergency access and provide details on how to configure the application. Also this document includes additional information on the types of logs available for monitoring the emergency accesses.

 

Business Role Management

AC 10.0 Pre-Implementation From Post-Installation to First Role Creation  
This document allows implementation consultants and administrators to setup the required functionality for creating a single role in AC after the post-installation has been finished. This is by no means a comprehensive guide for setting up the Business Role Management component, rather it allows testing the application is working properly by setting up a basic test case.

 

AC 10.0 - Business Role Management 
This document allows implementation consultants and administrators to setup the required functionality for creating roles in AC after the post-installation has been finished. This guide provides the configuration steps for setting up Business Role Management.

 

Access Request Management

AC 10.0 Pre-Implementation From Post-Installation to First Access Request 
This document allows implementation consultants and administrators to setup the required functionality for creating an access request after the post-installation has been finished, please notice that it is required to configure Role Management before being able to request role assignments. This is by no means a comprehensive guide for setting up MSMP workflows, rather it allows testing the application is working properly by setting up a basic test case.

 

AC 10.0 - Customizing Workflows for Access Management
This document allows implementation consultants and administrators to setup the required functionality for enabling the workflow engine in AC 10.0. You will learn the main components of the new workflow engine and how to customize them, also how to create agents and initiators using Function Modules and BRFplus.

 

AC 10.0 - How to Customize Notification Templates for AC Workflow  
This how-to-guide explains how to set up the SAPconnect communication interface in your application server in order to send out email notifications triggered by workflow events in Access Control 10.0. This guide provides a comprehensive overview of workflow events that can trigger email notifications and notification variables used to populate the message bodies with information that is specific to each request. The guide also explains how the pre-delivered message bodies can be replaced by custom messages as well as how email reminders are set up.

 

AC 10.0 - Managing Custom Fields for Access & Role Management 
This document explains how to setup the required functionality for adding custom fields to access requests and roles maintained in GRC 10.0.

 

AC 10.0 - End User Personalization  
This how-to-guide explains the End User Personalization concept in Access Control 10.0 and the technical configuration to attain that functionality.

 

AC 10.0 - Performing Segregation of Duties Review 
This how-to-guide explains the Segregation of Duties Review concept and the technical configuration to attain that functionality.

 

Integration with Other Applications

 

GRC 10.0 Integration Guide:

Access Control 10.0 and NetWeaver Identity Management

SAP Access Control 10.0 Interface for Identity Management
These documents cover all the new web services for Access Control 10.0 and integration scenarios with IDM solutions. The main foundation for this integration is based on NetWeaver Identity Management 7.2.

 

SAP BusinessObjects GRC 10.0 Integration Guide - Access and Process Control 10.0 

With the release of GRC 10.0, Access Control and Process Control are offered as an integrated solution, both at the data layer and at the user interface layer. This new unified platform enables increased harmonization of key master data. Organization, process and control structures can now be shared across components of Access Control and Process Control, which supports a more integrated approach to governance, risk, and compliance. Access risks identified in Access Control can be mitigated using controls managed by Process Control, as an example. This document details methods for harmonizing data across Access Control and Process Control.

 

Access Control 5.3

SAP GRC Access Control 5.3  
SAP GRC Solutions for Access Control handle sustainable prevention of segregation-of-duties (SoD) violations.

Viewing all 5097 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>