Professional Documents
Culture Documents
But if the User's access to FB05 is limited by the ACTVT field value of 03
(Display) running a Risk Analysis for the User at authorization object level
eliminates the SoD.
You can define and maintain your Organizational Rules through the Rule
Architect or you can create them with a spreadsheet program and then
upload the data into Compliance Calibrator.
• Step two of the process checks the records in the OrgUsers table. Only
those users in the OrgUsers table with an oganizational level value
matching those specified in the Organizational Rule - in this case the
value “US01” in the organizational level BUKRS field will be included in
the Risk Analysis.
NOTE: If you include a user in the Risk Analysis and the user does
not have a record in the ORGUSERS table the user is not included
in the analysis.
• The Risk Analysis then generates the report. The report contains all SoDs
for the users included in the analysis with the exception of the Risks
specified in the Organizational Rule - in this case those Risks beginning
with ID P001 (remember object level Rules have nine characters). Those
Risks specified in the Organizational Rule are only included in the Risk
Analysis report if they meet the additional test of the organizational level
field value - in this case “US01”.
The fields in each record of the Organizational Rules table are used in the
following way:
• Risk ID - These are the Risks filtered by the Organizational Rule. See
above for an explanation of how Organizational Rules are used. You can
use the '*' wildcard when specifying a Risk ID.
• Field - This field specifies the organizational level variable. When you
specify an Organizational Rule when running a Risk Analysis the value in
this field is replaced with the actual value contained in the Organizational
Level field of each User record in the OrgUsers table.
• From and To - These fields specify the values to look for in the User's
Organizational Value field contained in the OrgUsers table.
• AND/OR/NOT - The default value in this field is AND. If you leave the
field blank AND is assumed. If the field is set to AND, the values in the
From and To fields are combined and the User is included in the Risk
Analysis , then all the values appear in the User's Organizational Value
field. If the field is set to OR, the values in the From and To fields are
separated and a Risk is generated when running a Risk Analysis, then
any of the values in the From and To fields appear in the User's
Organizational Value field. If the field is set to NOT, a Risk is generated
when running a Risk Analysis, then any values other then the ones
specified in the From and To fields appear in the User's Organizational
Value field.
• Status - This field can be set to Enable or Disable. Only enabled Rules
affect a Risk Analysis.