Function documentationGenerated Rules Locate this document in the navigation structure

 

Access risk analysis processes access risks that you define. It generates rules based on the actions or permissions that an access risk contains.

Use this feature to view the reports containing the results of rules generated by using the Access Risks feature.

When you generate segregation of duties (SoD) action risks, access risk analysis creates a separate rule for each combination of actions that pose a risk.

Example Example

If an access risk includes two functions, each of which has five actions, and the access risk applies to two systems, access risk analysis generates 20 distinct rules from the access risk.

End of the example.

Example Example

You might have an access risk (P086) that includes the following functions:

  • MD12 with 21 actions

  • BR08 with 46 actions

  • TS22 with 34 actions

If this access risk applies to three different versions of SAP that all run in your environment, then P086 translates to 98,532 distinct rule (21x46x34x3)s.

End of the example.

Note Note

The maximum number of SoD rules allowed per risk is 1,679,615. When access risk analysis attempts to process an access risk that generates more than the maximum number of rules, the following error message appears:

ERROR: Risk: #### has exceeded the maximum number of rules (1,679,615) that can be generated for a risk

End of the note.

More Information

Access Rule Summary

Access Rule Details

Access Risks

Exception Access Rules

Organization Rules