Hi I would say the following to be checked. 1. If the risk is appearing in a display only role - then i believe you are running the GRC report on a Action level , where as u should be running the report on permission level, i am taking in the fact that you have configured the GRC rule set with some auth objects for the sales & delivery Tcodes. Let me know if this works. Regards Naveen On Thu, Jul 1, 2010 at 1:32 AM, WVU_SAP_Security via sap-security < sap-security@groups.ittoolbox.com> wrote: > Posted by WVU_SAP_Security > on Jun 30 at 1:30 PM Hi > Lucas, > > What did you end up doing to remediate this risk. I am running across the > same problems and I know its because of the sharing of objects and values, > but I was wondering if you updated your ruleset, or what? > > ---------------Original Message--------------- > From: Lucas > Sent: Thursday, June 03, 2010 12:52 PM > Subject: GRC issue regarding VA01 and 02 access conflicting with VL06 > > > Hi All, > > I am in a situation where we have a inventory display role that contains > transactions VL06,VL06F,VL06G, VL06L, > > VL06O,VL06P,VL10B,VL10G,VL10H. We have a request for a user to have > transactions VA01 and VA02. > > While simulating the addition of the sales order access we are getting 18 > high risk SOD violations > > Cover up unauthorized shipment by creating a fictitious sales documents > > I'm having a very difficult understanding how a display only role with > all activities set to 03 would conflict with the sales order maintenance > role. > > Any suggestions on what I am missing would be greatly appreciated. | __.____._ Copyright © 2010 Toolbox.com and message author. Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251 | | Related Content White Papers In the Spotlight _.____.__ |