cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10.1 - Risk Analysis Dashboard - Update

Go to solution
former_member311033
Explorer

on ‎06-03-2015 4:24 PM

0 Kudos

Hi experts!

Im working in GRC AC 10.1 SP07, and i have a dude with GRAC_BATCH_RISK_ANALYSIS / Dashboard Update. First time, we ran GRAC_BATCH_RISK_ANALYSIS program with no filters in User tab, so it synchronized all users, for example, FireFighter ID Users.

Then, i corrected this using Group User as filter (excluding FireFighter user group) and running program in full mode.

Problem is that in Risk Analysis Dashboard, FireFighter ID users still appears. I think GRAC_BATCH_RISK_ANALYSIS's filters works fine but it doesn´t delete users not included in filters from dashboard.

¿Is this a program error? or it´s just normal way program works? anybody has have similar experiences?

Thanks!!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-05-2015 2:43 PM
0 Kudos

My suggestion for your problem is to use the "Maintain Exclude Objects for Batch Risk Analysis" SPRO configuration step under SPRO -> Access Control -> Access Risk Analysis -> Batch risk analysis. After entering the IDs or roles you want to exclude, they will automatically be removed from the dashboards.

In regards to Ken's comment, if you want to report on critical actions separate from SOD risks then you could change the risk rankings for the critical actions to "Critical" or create a custom risk ranking. That way you will see them in different categories.

Show replies
Show replies
former_member311033
Explorer
‎06-08-2015 2:25 PM
0 Kudos

Hi Chris!

Yor suggestion worked perfectly, thanks!!

And yes, for critical actions they are classified as critical risk, so they are shown separately in risk dashboards.

Answers (1)

Answers (1)

Former Member
‎06-03-2015 8:22 PM
0 Kudos

Hi Emiliano,

This is how the dashboards have always behaved in 10.0, and this is the reason why I feel the dashboards are USELESS.  You are facing the exact issue that I faced several times, and I have concluded that the dashboards simply aren't a great way to capture a clear picture of the health of the landscape.  In fact, because of the initial execution where you used * for all restrictions, you now have a ton of data for all users and roles that make things look much worse than they are.

Moreover, there isn't the ability to view SOD risks only.  All of the violation #s in the dashboards include ALL risk types, including Critical Action risks (that you may not want to report on, like in my situation).

I recommend not using the dashboards at all because they paint a worse picture than what really exists.  The only dashboard that might be useful is the "Violations Comparison" which will show you how the risk totals change over time during remediation efforts.

Stick to the true ARA reports and build pivot tables in Excel to give you a clear picture of the health of your landscape.

-Ken

Show replies
Show replies
Former Member
‎08-25-2015 12:10 PM
0 Kudos

Hi Ken,

If you want to see only SOD risks, you can use parameter 1049  -Default Management Report Risk Type with value 1.

Regards.

Ask a Question