Show TOC

Function documentationRule Generation Locate this document in the navigation structure

 

Risk Analysis and Remediation processes risks that you define; and, it generates rules based on the actions or permissions that a risk contains.

When you generate Segregation of Duties (SoD) action risks, Risk Analysis and Remediation creates a separate rule for each combination of actions that pose a risk.

Example Example

If a risk comprises two functions, each of which has five actions, and the risk applies to two systems, Risk Analysis and Remediation generates 20 distinct rules from the risk.

End of the example.

Example Example

If you have a risk (P086) that includes the following three functions:

  • MD12 with 21 actions

  • BR08 with 46 actions

  • TS22 with 34 actions

And, if this risk applies to three different versions of SAP that all run in your environment, then P086 translates to 98,532 distinct rules. However, an error results here because Risk Analysis and Remediation supports a maximum of 46,656 rules per risk.

End of the example.

Note Note

When Risk Analysis and Remediation attempts to process a risk that generates more than the maximum number of rules, the following error message appears:

ERROR: Risk: #### has exceeded the maximum number of rules (46,655) that can be generated for a risk

End of the note.

More Information

Rules in Risk Analysis and Remediation

Rule Viewing and Updating

Organization Rules

Rule Set Management

Rule Library Metrics