Skip to Content
avatar image
Former Member

Inconsistency in risk analysis report from Compliance Calibrator 4.0

Hello Experts,

We are facing inconsistency in the Risk Analysis report which we are retrieving from compliance calibrator 4.0 (ABAP version) in one of our systems.

The scenario is as follows: -

When we run the risk analysis for a role (ABC) we get no conflicts found. And when we try to perform simulation on this role assuming that we will be adding a couple of tcodes (i.e we need to know what are the risks generated on adding these two tcodes in the existing role) and CHECKING the option of "Risks from simulation only" we get a list of risks which donot include those tcodes which we were planning to add. Ideally if there were no risks that will be generated on adding these two tcodes the anticipated report was NO CONFLICTS FOUND. But we get a list of RISKS which were not seen when we did the role analysis.

After our analysis we had come down to these 2 conclusions: -

1) Either this inconsistency is due to manually added tcodes in that role (ABC).

OR

2) There is some config issue and the compliance calibrator has not been configured properly.

Experts, please help us in resolving or zeroing down to one final logical conclusion on this issue. Your inputs are much appreciated. In anticipation of your reply. Thanks in advance.

Best Regds,

Suyog Chakot.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • avatar image
    Former Member
    Oct 30, 2009 at 02:50 PM

    Hi Suyog

    It could also be that you have some risks configured which check only the authorisation object values without a check on S_Tcode. These would be triggered if the authorisations are held regardless of the actual T_Code assignment.

    I would certainly check the ruleset for the risks which are being triggered.

    If the transactions are added manually, they would still appear in the S_TCODE Authorisation object but may impact the reporting. I would confirm your rules first though.

    Simon

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Suyog,

      Have you therefore managed to isolate this down to manually added transaction codes?

      Although the reports should run against the actual S_TCODE authorisation object, it may be that the report is influenced by the Role Menu as well.

      If this is indeed the case, then it may not pick up the additional transactions held within a manual s_tcode authorisation object.

      Have you confirmed that the RTAs installed on the source systems are at the same version and support pack?

      Simon

  • avatar image
    Former Member
    Nov 11, 2009 at 07:30 AM

    The issue was not fixed.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 13, 2009 at 08:50 AM

    Hi Suyog,

    Check the User's Profiles again.

    This may not be because of the tcodes added manullay but this inconsistency happens when there are some single roles assigned to the user directly. Which may show a conflict in Summay but not in the Tcode Detail.

    Check whether only composite roles are present to the user

    Add comment
    10|10000 characters needed characters exceeded