Quantcast
Channel: SCN : All Content - Governance, Risk and Compliance (SAP GRC)
Viewing all 5097 articles
Browse latest View live

Business Role in Access Request

September 5, 2013, 12:19 am
$
0
0

     Hello Gurus,

 

 

We are following Business Role concept for provisioning....

 

 

Workflow we are maintaining for the New Request is Requestor -> Manager -> Role Owner-> Provisioning

 

 

Here Requestor will select the Business Role (Nothing but a Job Position) and submit the request.

 

 

After the Manager Approval... Role owner will do the risk analysis and if he wants to remove any technical role in the selected business
role... there is no option for that...

 

 

So please suggest.....how to remove a technical role from the selected business role by the role owner

 

 

Thanks,

 

 

Sriram

Search

Process Control 10.0 - Automatic Control - Plan:Close without Plan > Issue

January 16, 2013, 5:24 am
$
0
0

Hi all,

 

In the evaluation of a automatic control the user can close a Issue without any plan by the button "Close without Plan" and he has to write some comments.

 

If I want to see the comments how I have to do? Where in the GRC? Can I disable this button?

 

Thanks

 

 

Immagine in linea 1

GRC 10.0 SP10 - AC EAM Plug in Custom Notification Message

August 22, 2013, 5:33 am
$
0
0

Hi All,

    

I am having trouble customizing the SPM Login notification message in the plug in system (using decentralized FF).

   

I have created the custom text  - SPRO > Governance, Risk and Compliance (Plug-In) > Access Control > Maintain Text for Custom Notification Messages (Plug-In)

 

I then created an entry in SPRO > Governance, Risk and Compliance (Plug-In) > Access Control > Maintain Custom Notification Messages for Emergency Access (Plug-In)

 

Everything looks good, but when the email is triggered it still displays the default message…

 

Only thing I can think of is that I am not using the correct message class?

 

On the GRC side the message class is 0AC_SPM_NOTIFICATION - which works fine.

 

On the Plug in side I do not see this class. Looking in SE91, the closest thing I can find is /GRCPI/GRIA_SPM (message 000) - which is what I am using…

 

Would appreciate any help.

    

Many thanks

Wally

GTS 10.1 SPL screening - getting many hits

September 10, 2013, 12:04 pm
$
0
0

We recently upgraded from GTS 7.1 to GTS 10.1 and are seeing differences in the way the SPL screening happens. 

We are getting many more blocks even though our config & master data for SPL is the same in 10.1 as it was set in 7.1.

(we do not use TREX), just the classic SPL.

 

Example:

 

Do a 'Simulate General Address Check'  for the following

           Name = KOTOBUKI

           Country = XX

 

We are getting a hit in 10.1 for the following results

 

BP original        BP Search Term          SPL Original         SPL Search Term            Match

XX                    XX                                                                                                100.00

KOTOBUKI       COTOBUCI                  UCK                      UC                                66.67

 

 

In our previous system (7.1) this exact address check would not have caused a hit.

Now in 10.1 it is blocking on this check based on a 66.67 match.  We are not sure where it gets a 66.67 match

It appears it is comparing SPL original to SPL search term. 

 

Any thoughts on what we need to look at changing?

 

 

FYI - we do run the following daily in a batch job

 

/SAPSLL/SPL_CUS_APP_BUFF_RESET

/SAPSLL/SPL_CREATE_SEARCHTERMS

/SAPSLL/SPL_INDEX_CREATE

/SAPSLL/SPL_CREATE_SEARCHTADRC

/SAPSLL/SPL_CHECK_SCENARIO_C1

 

Thank you.

GRC 10:NO ROLE owner standard detour path issue

September 10, 2013, 6:14 am
$
0
0

Hi All,

 

We are on GRC 10 SP09.I have configured single stage path i.e(Q_PATH with ROLE_OWNER stage).

 

Enabled the routing rule i.e. GRAC_MSMP_DETOUR_NOROLE_OWNER

Routing Level is Line item level

Created one more path with no stage

 

Mapped NO ROLE OWNER detour path between main and detour path  at step 6 in MSMP but my request is closing as "No agent found, cancelling path Q_PATH (in stage no. 002 - Z_ROLE_ST01)"

 

 

Please suggest me where configuration is missing.

 

 

Thanks and Regards,

Sushma M

Access Request Management - third-party approvers

September 4, 2013, 6:47 am
$
0
0

Hi all!

 

Does anybody have any documentation about assign approvers from a third-party system to Access Request Management?

 

Thanks in advance,


Aldo Kusuke

Company Code no longer available in Org Rules dropdown.

September 10, 2013, 6:58 am
$
0
0

Hello Gurus!

 

After the most recent import of the Ruleset from Dev to Prod we found that not only did our Org Rules disappear but also that when we try to create new Org Rules the Company Code drop down isn't available in Production!

 

I have checked develpment and the Company Code option is still available, see attachment.

 

Help!

GRC 5.3 to 10.0 upgrade

September 10, 2013, 10:11 am
$
0
0

Dear All,

 

     We are trying to upgrade GRC 5.3 to GRC 10.0, we have done all the configuration part. When trying to upload rules, we uploaded with one table i.e, VIRSA_CC_RISK but still there are 8 tables i.e ,

 

VIRSA_CC_FUNC
VIRSA_CC_FUNCACT
VIRSA_CC_FUNCBP
VIRSA_CC_FUNCPRM
VIRSA_CC_RISKFUNC
VIRSA_CC_RISKT
VIRSA_CC_RULESET
VIRSA_CC_RISKRS

 

 

 

Please let me know whether we need to upload all or any one table is enough.

 

After uploading VIRSA_CC_RISK, we tried to find the risk in the roles, but we are getting 500 exception and timed out even for simple role.

Please let me know the solution ASAP.

Search

Provisioning logs are not creating in GRC 10.0

September 3, 2013, 11:11 am
$
0
0

Hello Experts,

 

Can you any tell me the reason for not creating the provisioning logs for any access request type i.e user creation, User change, etc in GRC10.0?

 

SP levels are:

 

GRCFND_A V1000 SAPK-V1011INGRCFNDA

GRCPINW V1000_700 SAPK-10309INGRCPINW

 

Thanks in advance

 

 

Hari

PC 10: Making Attachments available in Reports

September 11, 2013, 12:34 am
$
0
0

Hi All,

 

We are introducing existing (missing) standard fields into existing standard reports in Process Control 10. The challenges we are facing is mostly with fields that are not available in the the standard report customization settings in SPRO.

 

Hence, the question below:

In the navigation, master data > organizations > subprocess> local control the tab called attachments will list a few entries which have been added in the master data creation / updation process.

 

The intent is to make the contents of the attachments tab available in one cell of the report "Organization and Process Structure" for every control listed such that it helps the business to view the complete master data in the report online without having to open multiple windows each time to view this data,

 

The possibility of making this available offline is also to be explored since the attachments offer hyperlinks methodology to open the attachments (added as files or links).

 

I hope this is clear and you may help. I may have to go to SAP directly if this question is not answered in this forum.

 

Thanks,

Mohammed Kashif

Need to custamize the role search screen

September 11, 2013, 10:35 am
$
0
0

Hi Gurus, 

 

 

As per my customer requirment the requestor must see only Role type attribute with business role while adding the role to the New Request. So for that i need to custamize the role search screen.

scrren.jpg

Business Role SoD Detour path

September 11, 2013, 10:42 am
$
0
0

Helo Gurus,

 

We have maintained detour path at role owner stage for SoD voilation. when an requetor is selecting the single role in the access request the detour path is working fine. but if the requestor selects the business role in the acccess request the detour path is not recognizing (i.e, after the role owner approval the request is getting closed). Please provide the solution for the same.

 

Thanks,

Sriram

PC 10: Local P3 Control screen is editable some times under master data

September 11, 2013, 12:40 am
$
0
0

Hi All,

 

I am noticing a strange behaviour in the PC 10 system when I have introduced new regulations. The behavior is limited to one system and may also not be affected by a new regulation. I wonder if any one of you has come across this or has an explanation to this.

 

When I open Master Data > Organizations > Subprocess > Control

 

Most of the controls i see are uneditable but a few of them are editable where the data can be changed in these controls. I have tried opening these controls in different timeframes when the controls were valid and I experience the same behavior. I tried comparing these controls (editable and non editable) and have not found any reason of difference that makes them editable.

 

I wondered if there is an explanation to this.

 

Thanks,

Mohammed Kashif

Business Role in Access Request

September 5, 2013, 12:19 am
$
0
0

     Hello Gurus,

 

 

We are following Business Role concept for provisioning....

 

 

Workflow we are maintaining for the New Request is Requestor -> Manager -> Role Owner-> Provisioning

 

 

Here Requestor will select the Business Role (Nothing but a Job Position) and submit the request.

 

 

After the Manager Approval... Role owner will do the risk analysis and if he wants to remove any technical role in the selected business
role... there is no option for that...

 

 

So please suggest.....how to remove a technical role from the selected business role by the role owner

 

 

Thanks,

 

 

Sriram

Risks created are not appearing in the risk catalog in NWBC

September 12, 2013, 1:14 am
$
0
0
  1. When we created a Risk in the NWBC à Assessments à Risk Assessments àRisk and Opportunities, it is not appearing in the list.
  2. However, we could download the Risks created and also appearing in SPRO expert mode.

untitled.JPG

We have configured our workflows / post installation steps ( RM 10.0, SP11) correctly.

Search

SAP GRC How does Mitigation Monitoring work ?

September 11, 2013, 8:54 am
$
0
0

Hello All,

 

I am trying to learn the processes related to mitigation control monitoring. I understand a control requires an approver and a monitor. So what functions
does the mitigation monitor perform ?.

 

I'm interested in any reports that need to be working that would be employed by the monitor. Is there an enforcement mechanism logging or reporting
when the monitor runs related reports on mitigating controls ?  Also, is there available documentation on this
process ?

 

All information on this topic is welcome.

 

Thanks !

Jamie

PC: Not possible to plan; no organization is subject to sign-off

September 9, 2013, 12:46 am
$
0
0

Hi,

 

I am not able to plan a sign-off, simply because the global organizational unit is not subject to sign-off.

 

The weird is when I change the organization from not subject to sign-off to subject to sign-off in the master data and save the changes (no errors) and go back to the organizational unit the changes are in fact not updated.

 

Any idea?

Where to assign Mitigation control owner and approver to org unit in GRC 10?

September 12, 2013, 6:19 pm
$
0
0

Hi Fellow members,

We don't use NWBC, we use the portal instead. In this scenario, kindly advice on how and where to do the above. Also advice to which org unit the assignment needs to be made?

 

I am trying to create a mitigation control and am facing this roadblock as this is a prerequisite for it.

SLA implementation at Access Request

September 12, 2013, 12:07 am
$
0
0

Hi everybody,

 

We would like to implement an SLA scenario at Access Request Management. We would neither implement implement CUP Review nor SoD Review. We would like

1. to send a reminder email to any approver who does not execute the approval / rejection of a request since more than 2 days and

2. to send an escalation email to any approver and the Risk Manager in addition.

 

Unfortunately we don't find any way for implementation. So, if there might be someone who already have prepared such a scenario, please us know, how.

 

Thanks therefore.

 

Cheers

Matthias

Upgrade GRC 5.3 to GRC AC10

January 28, 2013, 10:47 pm
$
0
0

Hello Gurus,

We have a tricky situation at hand. We have a ECC 6.0 EHP4 system on Netweaver 7.0 EHP 2 platform , and GRC plugins of 5.3 are installed.

We want to upgrade from GRC 5.3 to GRC AC 10.

 

I would like to know if it is possible to upgrade from 5.3 to 10 which is installed as ADD-ON on ECC system.

Has anyone upgraded in such scenario ?? The hardware capability or memory is not an issue on the server.

 

What could be the Do's & don't for such scenarios ??

 

Please suggest,

 

Regards,

Victor

Viewing all 5097 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>