cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10: RAR - no analysis results

Go to solution
Former Member

on ‎05-01-2013 12:42 PM

0 Kudos

Hello,

i configured my system accoring the configuration guides.

But when I start e.g.  Access Risk Analysis for User Level/Role Level/Profile Level... no output data will be displayed!?

i ran all the Sync Jobs and SLG1 doesn't give me any errors.

FF and PSS both works fine.

FYI: Also in Business Role Management (BRM) no roles are displayed... maybe these two issues could be caused by the same problem?!

Thank you in advance

regards

Edgar

Show replies
Show replies
Answer
View Entire Topic
Colleen
Advisor
Advisor
‎05-02-2013 2:24 AM
0 Kudos

Hi Edgar

For the ruleset  - are you using the SAP standard as delivered in the BC Sets? If so, after activating them, did you generate them.?

also, which SP are you on as there have been a few notes recently relating to No Violations displaying such as below:

Note 1824956 - User Analysis Report shows "No violations"

Note 1817251 - User Analysis Report shows "No violations"

On you FYI comment about the BRM with NO roles are displaying....

  1. Is this on the role repository in NWBC?
  2. Did you complete the Role Import in NWBC to pull the role definitions into the repository (this is not the same as a they synch)

For both issues-  have you competed Maintain Connection Settings in the Integration Framework for ROLEMG, PROV, AUTH and SUPGM?

Show replies
Show replies
Former Member
‎05-02-2013 9:51 AM
0 Kudos

Hi Colleen,

thanks for your helpfull response!

Yes, i use the pre-delivered BC Sets/rulesets.

Yes, after activation, I generated the SoD Rules in Governance, Risk and Compliance > Access Risk Analysis > SoD Rules > Generate SoD Rules (slide 13 of AC 10.0 Pre-Implementation From Post-Installation to First Risk Analysis.pdf), if u mean that.

I am running GRC on SP12. so Note 1817251 is already implemented.

Now I have implemented Note 182456.

But still NO Risk Analysis result in Access Management > Access Risk Analysis > User/Role/Profile Level (screenshot)

accorind to my BRM issue:

I didn't know that I have to import all the roles first... and thought a sync would be enough.

Now i imported the roles from my backend systems and now they show up in BRM 🙂 thank you!

Any other suggestions for my RAR issue?

Thanks in advance

Colleen
Advisor
Advisor
‎05-02-2013 10:00 AM
0 Kudos

Hi

Other things to check

Configuration parameters for risk analysis - see of you are excluding any users (eg locked)

Look at the functions in the rule set for the connector group they are against and check to see if your connectors are in the same group?

Rerun your full object synch since importing roles

Sorry messaging from phone so can't provide steps

Former Member
‎05-02-2013 11:09 AM
0 Kudos

Hi Colleen,

I found something weird. Maybe i just dont get the sense of the filed "System" (in Function/Action details) or there is something wrong.

In the screenshot u can see, that my 2 backend System "GRC->..." are available in the dropdown list.

The Functions are NOT assigned to them, they are assigned e.g. to SAP R3.

Just for understanding... should the Action assigned to my backend system oder only to e.g. SAP R3 (and my backend system to the group SAP r3).

Because I think, my backend system should be visible in this dropdown list, do they?

I dont know, where i customized this, so they are visible in the dropdown list...

Former Member
‎05-02-2013 11:20 AM
0 Kudos

Dear Edgar,

I guess the SAP R3 is the logical group. Just make sure that

1.The physical system(Connector) for which you are running the riks analysis i spart of the logical group.

2. The rules exist for the logical group.(GRACACTRULE).

Thanks & Regards

Japneet singh

Former Member
‎05-13-2013 9:14 PM
0 Kudos

Hi Colleen,

I am running the ad hoc user risk analysis and it's working for some users and not working for other users. For the non-working users, I am not getting any results at all. when I run the analysis at the permission level/action . We are on SP10. All rules have been generated and all jobs have been schdueled. I also ran it by including mitigated risks for just one risk. Any ideas on what could be  possibly wrong. We are doing a migration from Virsa to GRC 10 and just trying to validate/compare the user analysis results we got from Virsa to GRC 10. Virsa shows the user's violations but AC 10 is coming up BLANK for this user but I see that this user's riks are gnerated when I go to GRACACTRULE and also in NWBC. All the batch jobs and synchm jobs were sucessfully completeed as well. Any ideas?

This is very urgent for me...I will appreciate if anyone has a feedback.

My second question is unrelated. Currently we have only ONE ruleset - our customized ruleset that we migrated from our Virsa system.  When you go into GRC NWBC. our permissions and rules are pointing at our physical connector which was created in Sm59 but my question is 1) should we create a custom connector group for this connector and assign the connector to the custom connector group? or should we assign it to the SAP_BAS_LG connector group? or SAP NHR_LG connector group? Why or why not? What does the connector group control or impact:?

2) We would like to house our custom rules as described above and GLOBAL rules as well in AC 10. Should we create another physical connector for our global rules ? or should we use the same connector that we used in  (1) above for the custom rules but assign the connector to a different connector group e.g SAP_BAS_LG and SAP_NHR_LG.

Colleen
Advisor
Advisor
‎05-17-2013 1:16 AM
0 Kudos

Hi Rajesh

Have you looked at which users fail and why? Configuration parameters can exclude objects

Secondly, when you run the report do not have an blank fields - remove them if you don't use them.

for the comparison - also check that your Ruleset - Risks and Functions are the same and are generated.

In mentioning SP10, did you look at the notes?

Note 1824956 - User Analysis Report shows "No violations"

Note 1817251 - User Analysis Report shows "No violations"

Anything else, I recommend a new thread and post some pictures and steps of what you have  attempted to do.

Former Member
‎11-06-2013 12:44 PM
0 Kudos

Hi,

I see that you have selected as * for Custom group. Kindly check if there is any custom group is maintained in GRC box, if not I woul drequest you to remove the Custom group field from selction criteria or keep it blank instead of * .  This is because * is not valid enrty for custom group.

Kindly try running the risk analysis after making the above correction.

let me know if you are successfull

Regards,

Prashant Kumar

Former Member
‎01-31-2014 8:43 AM
0 Kudos

Hi Colleen

I am trying to upload the custom rulebook .I have modified all the 9 files and kept only Z Risks with Z functions.

When I run execute button for upload it stucks at the Risk file giving an error message "Cannot Interpret the data in the file".Also what are these codes denotes in that file.

Regards

Pradeep

Colleen
Advisor
Advisor
‎02-06-2014 2:19 AM
0 Kudos

Hi Pradeep

How did you maintain the file - notepad verse Excel

I recommend you download a copy and then upload again to rule out any program issues. After that take care with maintenance so it stays in the format you downloaded

Regards

Colleen

Ask a Question