Dear all,
we have created org.rules and execute a risk analysis on user level with the checkmark “Consider Org Rules”. A result appears for Risk ZR_S004, but the org.rule is deleted.
The User has the authorization for ME21N, ME28, FBL5N, VD01 in the connected backend system.
The check on organization unit in der SAP GRC functions ZF_AR07 / ZF_SD01 and ZF_PR02/ZF_PR04 was activated. GRAC_GENERATE_RULES was executed.
A result appears for Risk ZR_S004, but not for ZR_S059.
1.png
2.png
3.png
Because the second risk does not appear, we have deleted the org.rule setting and executed .GRAC_GENERATE_RULES.
The risk still appears.
Now we plan to start the org.rule topic from the beginning.
We have executed the GRAC_DELETE_ACCESS_RULES & GRAC_DELETE_REPORT_SPOOl (SODRP & SAP)
We have deleted the Risk Catalog and imported it from the production system + GRAC_GENERATE_RULES.
The risk still appears.
Then I have checked following tables:
GRACORGRULE - > Empty
GRACORGRULEHDR -> Empty
GRACORGRULET -> Empty
GRACORGRULEARC (standard transp table used for storing Organization Rules-Archive)
-> Filled with all test data I’ve made and which are all deleted in the web interface
Can someone help to delete this risk analysis result? Org.rule is deleted.
BR
Melanie
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.