Hello,
Anyone saw a presentation of GRC 10.1? What about new functionalities? (in particular in AC)
It looks likes the ramp up will be available for customers from tomorrow...
Julien
↧
GRC 10.1 new functionalities
↧
GRC10 - Rule Regenerations can change Rule ID (which is no longer assigned to an existing Mitigating Control)
Our application has GRC 10 SP21 installed. We consistently have had problems with Mitigating Controls (which we maintain in Production) due to rule generations. When updated Functions and Risks are transported from Dev > QA > Prod, the rules have to be generated in each instance. Every time a regeneration is executed, the Rule IDs can and often change. This new Rule ID is is not connected to the MC so I have to add the NEW Rule ID and the Role to the existing MC. I have had to do this countless time and it is extremely time consuming.
Has anyone encountered this situation before and know if there us a fix for this?
I'd appreciate any suggestions you could provide; thank you very much.
↧
↧
SAP GRC FI Standard SOD Matrix..
Hi Gurus,
Can you one guide me to find a Standard FI SOD Conflitcs matrix...
JC
↧
GRC 10.1 - Some workflow are not sent to controller for firefighter usage
Hi All - We are using GRC 10.1 (SP 6) and implemented workflow for firefighter activity (EAM module) but we are facing one issue with workflow.
We are observing for some firefighter usage workflow is not sent to controller (around 5-10 % of total FF usage).
(In GRCFFLOG table , WORKFLOW_SENT column is blank for some case).
What could be the possible reason and solution ?
I welcome your any comment or thought 
↧
Performing Test of Design (TOD) for a control
Dear Experts,
I need you expert opinion on the Testing of Design for a control.
I am in midst of an GRC Process control 10 implementation. I have a question for having multiple test plan for a control (i.e. one for test of design and one of test of effectiveness)
For a SOX control, testing is performed in two parts as follows:
- TOD: Test of Design (In here we assess the design of the control)
- TOE: Test of Effectiveness (In here we assess the effectiveness of the control)
So based on the above underlying testing methodology for a control, we require to have two test plans for one controls, since the testing steps for TOD and TOE are different.
I am aware of the control design assessment testing in the planner. However, in scheduling a control design assessment a survey template is required.
I am not sure how it would take care of the TOD for a control, as in TOD we need to perform some testing based on the manual test attached to a control.
What I require is to schedule TOD for testing a control similarly to scheduling for testing effectiveness.
Please advice on how to perform test of design of a control.
Look forward to hear from you.
Regards,
Sahil.
↧
↧
SAP GRC 10.0 SP10 - role search error
Hi Experts
I have a peculiar error when search for a role in GRC (screenshots shown below). This is a master role.
When I re-import the role it successfully gets imported but when I go to search for the role after importing it I get the error "Role does not Exist"
as shown below. The role is definitely in the backend system - have checked that. Please could you let me know what you think the issue is and how to resolve it.
When I click on open in the below screen...
I get the below error...
But I can check the provisioning tab. The role does exist in the Production system and I have tried
to import the role from the Production system several times but get the same above mentioned error.
Thanks
Ranjit
↧
GRC AC-Password self service
Hi experts,
Looking for solution on how to implement PSS in GRC AC10 with the following option:
Steps are
1. User wants to reset his/her password.
2. Goes to NWBC Link
3. Put the user id
4. Clicks on < Forgot Password >
5. Security question is asked
6. User gets a mail in his/her mail box with a link to reset the password
Regards,
Sudha M
↧
GRC 10 : EAM Logs are showing 'No Records'
Hello Experts,
I am working on GRC 10 EAM configuration at SP07.
The EAM Firefighting scenario is working on ie.Firefighter can login to backend R3 system and performed
FF activities but when i update the FF Logs GRC system doesnt show any logs in the system.
The logs are present in R3 system in STAD, CDPOS, SM20 etc.
The TIme Zones are same in both GRC and R3 system.
But Except Table GRACFFLOG.
NO other Log related table is getting updated after running log update Sync job successfully.
Please let me know if anybody has faced this issue or any advise on what is need to be checked.
Any help is much appreciated.
Regards,
Yatin Phad
↧
GRC 10.0 Firefighter Log Review "Other Action"
Has anyone seen any documentation or know how to exand the choices in GRC 10.0 (SP08) Firefighter Log review? When controller reviews log, he can hit "submit" to approve. Our audit team would like other options ("revoke security" or "inappropriate action; should be reversed", etc). I do see "Other Action" but only offers "Hold".
Thanks in advance..
↧
↧
How to check role and authorization
Hi,
I have following questions and really hope you can help me.
1.Whether there are transactions or reports in SAP which will display all changes that has been done in User roles and authorisations assignments. For example, from the beginning the user had a limited authorisation, when it was changed to greater one? The same issue for the roles, assuming there were changes in role.
2.How can I test, whether the user has got a proper authorisation and can execute only the transactions he is supposed to do?
Thank you in advance
↧
Table related to Role & Role Owner in GRC AC 10
Hi Expert,
I am looking for your advice.
In GRC AC 10 which table contain role & role owner name.
↧
Approved FF Logs has no data
Hi Guys,
We are facing a very strange issue here. We were going through the internal audit for FF process and while picking up the samples of old approved FF logs (already approved) we found that some of them do not have any logs in it. I have tried to find the pattern like specific month or week in which FF logs got impacted but there is not set pattern. While doing the further analysis I have found that some logs were deleted from GRACACTUSAGE (Not sure about the duration for which logs were deleted) but not able to stablish any link with this. Can you guys please advise on what could be the reason that old FF logs have no entries while earlier it was there? Also I would like to understand the impact on existing (approved) log if we delete the data from GRACACTUSAGE table. I have tried to find more details but could not get concrete answer? Looking forward for your help and guidance on this?
Regards, Anuj
↧
SAP GRC FI Standard SOD Matrix..
Hi Gurus,
Can you one guide me to find a Standard FI SOD Conflitcs matrix...
JC
↧
↧
Reactivate user in grc 10
Hello experts,
We are struck with some configuration changes and not able to proceed further. Please suggest.
Scenario:
We have a request type Unlock Account (change & unlock and Assign actions). It follows one stage i.e Role Owner. The users which are locked for some time are invalidated and the ValidTo date is changed manually. When the GRC Request is triggered, it only Unlocks the User, but the validity dates are not change.
1. Tried with adding Roles with Validity date-- so now only roles validity is changed.
2. Added a system in the request with Valid From and To date. Since we have Role Owner Stage it is throwing error as system dnt have owner.
3. We made a parallel workflow for Auto closure for System. If the Role owner rejects the role then the User validity is changed which it should not be.
in 5.3 we have valid from and to dates in the access request. So During provisioning the validity dates From and To are changed to the User, but in 10 we are struck.
Please suggest the configuration how to get this scenario.
Regards,
Ravi.
↧
GRC 10 : EAM Logs are showing 'No Records'
Hello Experts,
I am working on GRC 10 EAM configuration at SP07.
The EAM Firefighting scenario is working on ie.Firefighter can login to backend R3 system and performed
FF activities but when i update the FF Logs GRC system doesnt show any logs in the system.
The logs are present in R3 system in STAD, CDPOS, SM20 etc.
The TIme Zones are same in both GRC and R3 system.
But Except Table GRACFFLOG.
NO other Log related table is getting updated after running log update Sync job successfully.
Please let me know if anybody has faced this issue or any advise on what is need to be checked.
Any help is much appreciated.
Regards,
Yatin Phad
↧
SAP GRC FI Standard SOD Matrix..
Hi Gurus,
Can you one guide me to find a Standard FI SOD Conflitcs matrix...
JC
↧
Data Not Found, Connector Issue
Hi Colleagues
We are working on creation of business rules on a project, we have observed a common error we are facing with business rules using analysis type as CHANGE.
We are getting no error as such for value check category.
Here is the screenshot of the error.
We are currently on SAP GRC 10.1 SP 10, any suggestion or note would greatly appreciated.
Thanks in advance
Regards
Prateek
↧
↧
assign connector group to group types?
hi,
sir i have configured connector settings but i always have doubt in assign connector to group types, can you please tell what are connector group and what is the purpose of that i have done the search and got some details i hope you will give more detail explanation?
Thanks in advance,
with regards,
manoj
↧
difference between service, dialog,communication users
Hi all,
I want to know the main difference between the service, dialog,communication users and also the procedure to create these users.Is there any difference in functinality wise.
Thanks,
Joseph.
↧
Where to change timeframe in 'Continuous Monitoring Scheduler'
Hello Experts
,
When going into the Automated Monitoring Link under Scheduling in the Ruleset up work centre, Once you have selected the timeframe lets say “Year” there is no option to select 2016, the last available year is 2015. Can you please let us know where we can include 2016? We tried SPRO->Governance, Risk and Compliance->General Settings->Key Attributes -> Maintain Timeframe Years but doesn't seem to work. Any help is much appreciated !!!
Thanks
↧