on 2021 Mar 08 8:27 PM
Hello,
I'd like to ask for help.
We have implemented ARA for ECC connector for 7 years. Now there is the requirement to extend ARA also to another connector (COM).
I downloaded all files for ECC connector via SPRO -> GRC -> Access Control -> ARA -> SoD Rules -> Download SoD Rules. Then I uploaded them to COM connector via SPRO -> GRC -> Access Control -> ARA -> SoD Rules -> Upload SoD Rules.
I runned batch Risk Analysis for COM connector via SPRO -> GRC -> Access Control -> ARA -> Batch Risk Analysis -> Execute Batch Risk Analysis, it took 1070 seconds, no errors. Then I runned Repository Sync, Action Usage Sync, Authorization Sync for COM connector.
I checked GRC in NWBC (Setup -> Access Rule Maintenance -> Functions), Functions are active for both connectors. I generated all Rules via GRC NWBC.
But when I runned report via NWBC -> Reports and Analytics -> ARA Reports -> Role Risk Violation Report or User Risk Violation Report, there are no violations.
I'm sure that there have to be SoD risks in COM connector because Access Risks are the same as in ECC connector and also there are similar roles as in ECC connector.
Please, could you be so kind and help me?
We are on GRC 10.0 SP23. Unfortunately, we will upgrade to GRC 12.0 maybe next year...
Request clarification before answering.
Hi Olga,
Is the connector(COM) part of the logical connector group, if so can you check if the rules are uploaded against the logical connector group, once uploaded generate the risks from both frontend and backend, check the GRACACTRULE table to confirm.
If the issue is in the dashboard reports, then it might be related to the adobe flash player not supported?
Thanks
Ramesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Olga,
check the access rule details (NWBC > Setup > Generated Rules > Access Rule Detail) to see if the rules are properly created and validate again. From your steps, repo sync should be run before you run the risk analysis. Try to run an ad-hoc risk analysis in NWBC > Access Management > User Level or Role/Profile - e.g. profile SAP_ALL, to see if it works.
Regards, Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
9 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.