Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Risk Analysis giving incorrect data - SP 19

Go to solution
Former Member

on ‎2017 Dec 05 9:30 PM

0 Likes
657

Hello All,

We are currently on SP19. When we executed the risk analysis, the system gives us the roles which it should not have given. We validated this data using SUIM as well. The report type we selected was Critical Action.

For this purpose, we defined a Critical Action risk and gave the required t-code in the respective function. Yet, the report shows this role where as when check the t-code is not part of that role at all.

Has anybody faced such an issue. Please let me know should you require any other information from my side.

Thank you,

Regards,

Praman Mulay

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎2017 Dec 11 9:45 PM

Hi Param,

Yes its specific to SP19,SAP released new rules for Fiori apps and that's the reason its looking for S_SERVICE,please adjust your GRC ruleset if you are not using Fiori.

Thanks

Ramesh

Show replies
Show replies

Answers (3)

Answers (3)

Former Member
‎2018 May 06 5:57 AM
0 Likes

Hi,

We are having the same issue but with the following issue:

S_Service role violations where the Ruleset does not even have it, but the role violating has S_Service with both fields as “ * “. That rule is not even in that risk or function.

Additionally, I have seen a lot of mentions of this phrase which is directly out of the SAP Note “adjust your Ruleset”. What is meant by that? Because our Ruleset does not contain one entry for S_Service either active or inactive.

Thanks in advance.

-John

Show replies
Show replies
Former Member
‎2017 Dec 11 6:35 PM
0 Likes

Hi Alessandro,

Thanks for your reply. I will run this from Reports and Analytics tab. But, after we checked we found out that the system was checking the t-code in S_SERVICE as well. Any idea if this is specific to SP19 ?

Thank you,

Regards,

Praman Mulay

Show replies
Show replies
Former Member
‎2018 Jan 18 5:38 PM
0 Likes

Hi Praman,

Just to know, how have you solved the issue ? We recently upgraded to SP19 and we face the same problem with S_SERVICE. And then more risks than the reality.

note : our GRC plugins are up to date.

Thanks in advance,

Jonathan

Former Member
‎2018 Jan 24 7:18 PM

Jonathan,

Look at the following SAP Note

2579463 - UAM : SOD violation report is wrong for S_SERVICE permission

Thanks

Ramesh

Former Member
‎2018 Jan 26 10:15 AM
0 Likes

Hi Ramesh,


Thanks, this is also the note SAP gave us.

Best regards,

Jonathan

alessandr0
Active Contributor
‎2017 Dec 06 11:48 AM
0 Likes

Praman,

how do you run the risk analysis? Do you use Offline data? Or do you run them from the Reports & Analytics tab. Please remember there are offline and online reports. See here: https://blogs.sap.com/2014/07/16/online-vs-offline-risk-analysis/

Regards, Alessandro

Show replies
Show replies
Ask a Question