Skip to Content
0
Former Member
Feb 15, 2011 at 04:22 PM

Need help creating RAR reports at permission (object) level.

28 Views

Hi All! I'm very new to this forum and was wondering if I could get some ideas on how to go about creating permission level reporting in RAR. We are running action level reporting now and need to look into permission level reporting. IE: if we find no violations at the action level, how confident can we be that we may or may not have issues at the permission level? I guess my first step is to create some rules/functions, but not really clear on how to start. Also, we have not started user mitigation, as I think it would be important to drill down to pemission level first and try and clear up any issues there. We have already cleaned all of our SAP roles that had high risk violations (we are only concentrating on high risks) and only for risks that don't have any manual mitigation tied to them). So we could still have roles that have high risk violations but if the risks associated with them are mitigated, then we are not concerning ourselves with thos... just the risks tied to roles that are not mitigated. Unfortunaly, we have to run a manual and tedious offline report analaysis to get this data because there doesn't appear to be anything within RAR. Thanks in advance!