Access risk analysis processes access risks that you define. It generates rules based on the actions or permissions that an access risk contains.
Use this feature to view the reports containing the results of rules generated by using the Access Risks feature.
When you generate segregation of duties (SoD) action risks, access risk analysis creates a separate rule for each combination of actions that pose a risk.
Example
If an access risk includes two functions, each of which has five actions, and the access risk applies to two systems, access risk analysis generates 20 distinct rules from the access risk.
Example
You might have an access risk (P086) that includes the following functions:
MD12 with 21 actions
BR08 with 46 actions
TS22 with 34 actions
If this access risk applies to three different versions of SAP that all run in your environment, then P086 translates to 98,532 distinct rule (21x46x34x3)s.
Note
The maximum number of SoD rules allowed per risk is 1,679,615. When access risk analysis attempts to process an access risk that generates more than the maximum number of rules, the following error message appears:
ERROR: Risk: #### has exceeded the maximum number of rules (1,679,615) that can be generated for a risk