and more in a single search tool across platforms. Read the announcement here. |
Hi,I have 2 Mitigation Controls, One Mitigation Control is for Ruleset1 and other Mitigation Control is for Ruleset2.MC1 -> Ruleset1 -> Owner1MC2 -> Ruleset2 -> Owner2Owner2 is able is view both MC1 and MC2. Is there any configuration that needs to b...
We have configured SoDs between two role Entitlements, but the roles are Enterprise and Emergency due to which we suspect its not working. Enterprise-Enterprise works, Emergency-Emergency Works. But when a user alreday has Enterprise role, he can go ...
Hi All, I was trying to import objects under function (under SOD module) but its not happening . Below are the steps which i am following. 1. Uploading the file under SOD>RULESET>Upload Ruleset. 2. New functions, Risks are getting created with upload...
Hi I was looking for the SOD Ruleset update history, including the most recent update or modification date. How can I achieve to do that?
Hi Team,We have a tcode in the SOD ruleset for which SOD violation os defined. This is defined, using function, risks and defining it in the "object" sheet of the sample ruleset template attachedThis tcode is mapped to 2 different SAP role - say Role...
Issue: SOD Approval WorkflowIssue Description:Currently, our workflow has two stages: manager and endpoint owner level. Our goal is to implement an improved access approval workflow that includes an additional level - Risk owner approval for entitlem...
Hello Team Configured SOD for AzureAD Entitlements in SOD Tab. SOD is evaluating for entitlements/roles for that endpoint if endpoint is in New UI.But SOD is not evaluating for entitlements/roles for that same endpoint if endpoint is in classic UI.An...
Prod is 2021, but I see the same behavior in Test, which is 24.2.User has OOTB ROLE_SAV_SODOWNER. User also needs read-only access to the entire platform to be able to read User Update History, view all Requests, all Tasks, etc.I copied OOTB ROLE_ADM...
Hi, TRIGGERCHAIN_SOD job is getting failed in environment with below error. Packet for query is toolarge (1,346,725,998 > 1,073,741,824). You canchange this value on the server by setting the'max_allowed_packet' variable.; nested exceptionis java...
Hey guys, so I want to get SOD report and I am running SOD report export job. Before that I should mention the path to store that report. What should I give as report path in global configuration and how to access that path.
How to ensure that inactive accounts are not included in the SOD violation list for SAP when we check in SOD Summary.
I would like to know if there is a way to configure Preventative SOD calculation (in the Request Access page) for selective set of risks. We have SOD calculation enabled for a single ruleset from the SOD page and this ruleset has around 200+ risks co...
Hello Team,While going through various posts and FD Docs, I was unable to find a way to run SOD evaluation for Enterprise Roles.I see its mentioned that SOD run on entitlements and not on roles.Can someone suggest the best way to achive this in EIC?
Hi Team,We have created 2 functions (SODEnt1, SODEnt2 in RKFunction1 and SODEnt3 in RKFunction2), added the function mapping to Risk and Ruleset and tried requesting for all the entitlements in a request but we didn't get any error for SOD violation....
Hi All,We have an application with a many RoleA (for example) but specific to a certain location. Example - RoleA_Canada, RoleA_US, RoleA_India. Is it possible to wildcard the role name while creating functions in SODs, for example - RoleA*.As we mi...
Hi Team,We have observed that there are a total of 1489 violations shown in the risk accepted bucket, but in the assigned associations, it shows a lower number of risk accepted bucket violations (1489). Is there any reason that the count is not in sy...
So, I have a usecase where when a user requests entitlements through ARS which is also an SOD violation an email should be sent to the SOD owner to remediate any entitlements so that there would be no violation of SOD. My issue is I created an email ...
While creating the function with the Saviynt function type selected as SAP, the system prompts for inputs such as Auth Object, Field, minimum value, and maximum value to add an object.Please provide clarification on what Auth Object, Field, minimum v...
Hello,SOD evaluation for application role requests from Saviynt App for ServiceNow is not working as expected.Currently if I make a request for two application roles that have risk defined from ARS both requestor and approver will see SOD violation i...
Hi Team,We were trying to import Ruleset file for SAP application with NON SAP function type.Please find the attached sheets which we try to upload under Ruleset.We done through Manually its working fine. Can you suggest on feasibility of importing t...
Hi Team,We are trying to upload the predefined OOB (out-of-the-box) rulesets for SOD (Segregation of Duties) for SAP S4 HANA in SaviyntWhen we upload them, Risks and Functions are being created, but objects are not associated with functions, and func...
Hi Team,We have a requirement to send the requests of entitlements which are causing SOD Violation in Account/Access Request to SOD Owner Approval. and Those entitlements which are not part of SOD Voilation in the same request should go to another le...
Hello Team,We need assistance to below query before you start onboarding and perform SOD evaluation for that Application.1. Customer has SAP GRC system via which SOD evaluation is being performed for SAP Application.2. For Non SAP System they are doi...
Hi Team, We create a new service account and add SOD-violating roles. When we modify the newly created service account and try to add a non-violating role, it shows the SOD violations that appeared for already-assigned roles (currently existing rol...
Hello,We are trying to bring into Saviynt the transaction (TCODE) usage data from SAP S4 target system, in order to be able to configure the Usage Analytics Report and SOD Actual vs Potential, as per client requirement.After reading the available doc...
Hi All, Can you please help us understand what data is available in SOD L3 report. We can see 2 files in the L3 export but we are unable to identify which file contains what data. No where in the documentation it is specified which file contains what...
Even if I post a ticket because I need confirmation urgently, it is closed every time. https://saviyntsupport.saviynt.com/support/tickets/2011543 I would like to know if the screen divided by Category in the Analytics History 5.5 version can be app...
Hi Team,We have created a new ruleset for SOD violation but can't see this ruleset in filter based on ruleset option.Your help would be appreciated.Thank you,Varsha
Hi Team,Is there any way we can set up an alert within SOD module when a new user is identified with a SOD Conflict?We are trying to utilize default analytics "CC_Detected - Users found with SOD Violations", but it lists all the violations for all us...
While adding a child entitlement, when triggering a role modification request. In the role modification workflow, Is it possible to evaluate SOD violation for all the members of the child entitlement?
We have received the following query from the application team regarding the SOD module for the Oracle EBS system.can you please check if Subledger Inquiry function XLA_LINESINQ_SUBLEDGER is correctly to be considered "Create Supplier".Any reasoning ...
Hi Team, We are trying to extract the report from SOD Summary.Report should contain: RISK CODE, Function, USERNAME and ACCOUNT NAME for open status and ruleset belongs to PG_SAP_S4HANA_PROD_100_Ruleset_2023_02Using Query we are trying the extract the...
Can someone help me to understand Why do we require SOD monitor job, what are we monitoring using this job, when we already know status of all violations from SOD workbench. I quite didn't understand the use of this job.
Hi, we are trying to configure the emergency access role and we did the following:-the application for what we are creating it is SAP S4-hana which is already integrated in Saviynt;-in the security system we selected Auto Approve Workflow for Emergen...
Hello Everyone We have a requirement to implement SOD which is calculated simply based on entitlements requestedFor example Entitlement 1 AND Entitlement 2 will cause conflict #1 (Risk name). Similarly there are more Conflicts which may contain two ...
Hello,We are working to configure SoD for SAP S4 Hana.The roles in S4 are configured as follows:There are composite roles, e.g., ZC:Accountant_Example. This entitlement type in Saviynt is SAP Role.Each composite role contains multiple single roles, e...
We have just implemented Saviynt IGA and are assessing the capabilities of our deployed IGA solutions. We recognise Saviynt as a critical component of our IGA strategy and are seeking further information on its features that support SOX compliance r...
We are using a parallel workflow to check for SOD risks, and to automatically reject the entitlement.Unfortunately it doesn't reject the entitlement, but the entire request.How can we change this so that it will only reject the entitlement on which t...
Can Anyone tell me what is business process refers to in SOD ruleset. Why do we use it, and how to configure?
Hi Team,Need information related to the below column data as we can see the column type is longblob.we want to convert this byte array to the actual file.Please let me know what type of file is this. Thanks
For SOD violations, we have an user context driven actionable report which has open, Accept, Deprovision Access as action. When the user selects "Accept" with a future date(see first screenshot). Is there a way to tie that to the respective SOD Viola...
Hello,We are trying to configure the SoD for SAP S4 system.We received the rules for configuring the SoD from SAP GRC, however, there are over 100 functions, and over 200 actions per each function ( we have risk - function - actions per function rule...
Referencing this post https://forums.saviynt.com/t5/application-access-governance/sap-grc-external-sod-risk-evaluation-does-not-return-risks/m-p/11604/thread-id/84It was stated that in late 2023 there would be a fix to allow us to not have to use cl...
Hi, We have added a filter to our SOD evaluation job to only look at active accounts, hoewever inactive accounts are still displaying on the SOD violations? See attached files for config and user extract. Thanks [This message has been edited by mode...
Hi All,We have a client request to send approvals to Risk owner if any thing is edited in the risk. This works only for functions but not form risk.Is there a way to enable approval requirement if any Risk is edited or created in Saviynt.
Hello Team,Hope you're doing good!!There's a requirement, suppose there're multiple entitlements associated with an application and a user is already having 1 of the entitlements then they should not be able to request for any other entitlement unles...
We are facing the issues when the request is submitted which contains external sod evaluation from SAP grc. So once the request is raised for a user, request id's are not generated instead it is redirected to final page with SOD confirmation number....
Hi,Currently we are using the Saviynt version 5.5 SP3.10 and we are planning to upgrade to V2023. So, we want to know SOD configuration and features changes in EIC.If anyone has upgraded and would like us to keep few things in mind while upgrading re...
Hi Team, As we can see in below screenshot, it is showing SOD details information on Request History page. But when we hit fetchRequestHistoryDetails API, it doesn't return any SOD related information. Request: requestkey=1485 API Response: { "...
Hi Team,We want to perform below tasks on SOD violation:1)Get All SoD Policy Violations.2)Update SoD Policy Violations.3)Get policy violation details by id.4)Get policy violation causes.5)Get policy violation action history details by id.6)Get policy...
