Skip to Content
author's profile photo Former Member
Former Member

ARA does not show Violations in a role though conflicting transaction codes are assigned???

Hi,

I have noticed that a role having conflicting transaction codes assigned in the back end system is not propelry analyzed and in ARA application. When this role is analyzed, "No Violations" message is shown though there are conflicing transaction codes assigned.

As far risk definitaion is concerned, conflicting actions are properly defined in respective conflicting actions and thse actions are grouped in a risk, which is applicable to a logical group (which in turn has the connector included causing this problem) and they are active.

Rule are properly generated for the all the risks and functions. However, at the time of running risk analysis for this role, ARA is not showing as risk.

May any one please advise on this?

Regards,

Rehan

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

4 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Jun 30, 2014 at 01:17 AM

    Hello Rehan

    3 step check for ur issue:

    1 are you able to search for your role in GRC 10 in role analysis screen rather then just paste the role?

    2 check k the object values related to tcodes added, check for 03 and 3 difference.

    3 can you delete the profile and regenerate it, if not solved by it recreate the role and then try.

    Rajesh

    Message was edited by: Rajesh Nanda

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jun 29, 2014 at 01:02 PM

    Hi Rehan

    did you run risk analysis for action or permission level? What was your selection criteria?

    regards

    Colleen

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 29, 2014 at 01:08 PM

    In addition to selection criteria, also please ensure that you have executed the programs programs GRAC_PFCG_AUTHORIZATION_SYNC and GRAC_REPOSITORY_OBJECT_SYNC in full sync mode at least once.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      This role in question is not mitigated! Therefore, this option "Include Mitigated" risks is not included in the selection criteria.

      I have noticed so far, this is happening with 2 roles.

      Secondly, I have created a test risk with test functions. A role is created in the back end system and conflicting tcodes are added. This role is synchronized and then analyzed. Surprisingly, This is showing correct result!

      I am not sure why this sporadic behavior is being shown by the tool. This is quite confusing. If it has shown "No Violations" for all the roles, then it would have been easy to understand.

      But as I explained above, this is happening with some roles and does not happen with some other roles.

      Really not sure how to crack it.

      Please advise.

      Regards,

      Rehan

  • Posted on Jun 30, 2014 at 03:58 PM

    Hi Rehan,

    Are you running the analysis from "reports and analytics" or "access management" tab?

    If from reports and analytics, then has the batch risk analysis on the backend system completed successfully?

    Make sure you are not running an offline report without batch risk analysis completed.

    Thanks

    Sammukh

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.