cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Understanding risk ids- 7 digit action rule ID and 9 digit permission rule ID

Go to solution
Former Member

on ‎07-09-2012 8:50 PM

0 Kudos

Hi Guys,

Need your help in understanding how are the 7 digit rule ids and 9 didgit permission rule id. As far as my understanding goes,the risk id comprises of 4 digits(specific to the functions that conflict i.e. GL01 &GL02) +3 digit(specific tcodes in the question i.e. FS01 and F-21) + 2 digit(??).

My guess wud be to distinguish the specific associated permission i.e. delete/create/modify etc. Please confirm?

Also, another doubt. Since there is a restriction of 3 digits given to combination of tcodes(if my understanding is correct) doesnt it kinda puts a limit to maximum no of tcode i can have in a function rather than the function being an exhaustive all-inclusive repository of related actions. This might be an issue if an orginization has a lot of customized Tcodes.

Sorry if the queries seem juvenile. Would be really thankful for any insights into understanding risks.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-10-2012 4:50 AM
0 Kudos

Hi Vivek,

Yes your understanding is correct regarding the 9 digit rule id.

First four digits comprise of the risk and next 3 are for action  and next two are for permissions.

For more information on the maximum number of rules kindly refer note below for details:

1310365: Maximum number of rules that can be generated

Best Regards,

Smriti

Show replies
Show replies
Former Member
‎07-10-2012 6:18 PM
0 Kudos

Hey,

Thanks a lot for your response. It does clear up  my doubts.

Regards,

Vivek Jha

Answers (1)

Answers (1)

Former Member
‎07-10-2012 4:51 AM
0 Kudos

Hi Vivek,

The way that the Risk Logic works is, there can be maximum number of 46655 rules that can be generated for each risk. This maximum number is based on the rule naming convention that you have said as Action rule Id as 7 digit. The first 4 digit of the rule will always be the Risk Id. This leaves only 3 digits which have to be unique for each combination of actions for the risk. These 3 digits can be either alpha or numeric which gives 36 possible values for each of the three digits.  This is what makes up the limitation as 36x36x36 = 46,655.  After this combination is reached, no new rules can be generated for that risk.

For more detail on this you may ref SAP Note #1310365: Maximum number of rules that can be generated

Regards

Shaily

Show replies
Show replies
Former Member
‎07-11-2012 7:02 PM
0 Kudos

Hey,

Thanks again for the detailed info. So the maximum no rules calculation involves only the actions(i.e. action rule id). So does it mean there are no rules specific to permissions.

To elaborate the last 2 digits pertaining to permissions within the same set of action. So there are no rule ids specifically to cater to these.

Sorry to be a pain.

Thanks and Regards,

Vivek

Ask a Question