Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

GRC AC 12: Risk Analysis without system selection

Former Member

on ‎2019 May 14 8:51 AM

0 Likes
927

Hello out there,

when executing a risk anslysis without selecting a System in Background the System check authorization for GRAC_CONN and starts risk Analysis for authorized Connections.
Problem is: If one forgets to select a system and has authorization for many connections it might become a big Performance issue.
In older versions of GRC AC there was - at least - a warning when trying to execute without selecting a System.

Any idea how to restrict the possibility to execute without selecting a system?

Thanks

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (3)

Answers (3)

madhusap
Active Contributor
‎2019 Jun 24 6:46 AM
0 Likes

Hello,

Yes, you are correct, GRC system will not throw a warning when executing risk analysis in the background without entering the system details.

You can do a minor enhancement (if it is really required) to make System field mandatory so that the validation will kick in if it is left blank. However, if the system value is entered as "*" again or if lot of systems are selected while running risk analysis, your issue will still be the same.

As a starting point, Please work with users who regularly do this activity and train them or provide user manuals on how risk analysis should be run and also impact on the system if not done correctly. I assume very limited number of users will be running risk analysis directly.

Regards,

Madhu

Show replies
Show replies
Former Member
‎2019 Jun 18 3:19 PM
0 Likes

GRC 12 SP3

When you start the Analysis in foreground there is indeed a warning. But not, when you set it in Background.

If a user starts risk analysis in Background and no system is selected, too many RFC connections are opened. Than all available RFC connections were occupied. No LDAP connection can be established anymore!

Show replies
Show replies
vijayakumarsuth
Product and Topic Expert
Product and Topic Expert
‎2019 May 24 3:27 PM
0 Likes

Not sure which GRC version and support pack you are in? but in general, it is expected to show the warning when no system is selected and have to suggest users to run in background. If you could share your version and support pack details will be useful for others to help, thanks.

Show replies
Show replies
Former Member
‎2019 Jun 18 3:19 PM
0 Likes

When you start the Analysis in foreground there is indeed a warning. But not, when you set it in Background.

If a user starts risk analysis in Background and no system is selected, too many RFC connections are opened. Than all available RFC connections were occupied. No LDAP connection can be established anymore!

Ask a Question