Create a New Rule

Navigation

Introduction

A rule contains one or more conditions used to identify risks in a business process. Data extracted from ERP tables is analyzed against rules.  If the extracted data satisfies the conditions of a rule, it is termed a violation or an exception. IRC reports these violations and allows for further corrective action.

Rules can be created for the following types of Insights:

• Authorizations Insight

• User Activity Insight

• Process Insight

• Configuration Insights

Authorizations Insight Rules

You can build rules for Authorizations Insights only after data is extracted from the application into IRC. Rules for Authorizations Insights vary, depending on the ERP application and the rule type selected.

Click here to view the ERP systems for which Authorizations Insights rules can be created:

To create an Authorizations Insight rule:

1. Add information on the General Information panel as explained below.

2. Provide the risk description, control objective, and assign owners for the rule.

3. Specify the compensating controls to be attached to the rule, the object attributes to be excluded and the users to be notified when violations are reported against this rule.

4. Click the Conditions tab.

5. Provide the rule conditions

6. Click Save to save the rule. The rule now appears in the list of rules for the selected rule book.

Provide details for the new rule on the following panels:

General Information

Use this panel to provide the following general information about the rule:

• Rule Name

  Provide a unique name to identify the purpose of the rule. If a rule with the specified name already exists in the rule book, the application prompts you to enter a new name.

• Control Number

  This number identifies the rule and may be numeric or alphanumeric

• Rule Type

  From the drop-down list, select the Insight and the rule type for the new rule. For example, the basic rule types for the Authorizations Insight are:

  • Sensitive or Conflicts Rule

  • Limits Rule

  Note: When you select the Sensitive or Conflict rule as the rule type a sensitive rule is created by default. To create a conflicts rule, click the Convert to Conflicts Rule button on the Conditions tab.

   

• Object

  From the drop-down list, select the object to be defined for the rule. The drop down list displays all objects by ERP.

  The objects displayed while building the rule condition depend on the Insight and the rule type selected in the Rule type field.

   

  Note: The object Role supports only conflict type of rule. You cannot create a sensitive rule with this object.

• Priority

  From the drop-down list, select the rule priority for the action to be taken when a violation is detected. This priority can be used to filter report results.

   

• Expires on

  Click the Calendar view icon to select the expiry date or leave as Never Expires.

   

  If selecting an expiry date, select a date in the future. The rule will expire on that date. For example , if you select the rule expiry date as 7/25, then the rule will be available only till the date 7/24,11.59 p.m. The rule will not be available for analysis after the specified expiry date.

   

  The date selected here is according to the IRC application server time zone.

   

• Enabled

  Select this check box to enable the rule. Only enabled rules are considered for analysis.

   

   Note: Rules can also be enabled or disabled from the Rules page.

   

• Status

  From the drop-down list, select the required rule status: Draft, In Review or Final. The status of the rule does not impact analysis. It is informational only and can be used as a filter to generate reports.

• Category

  Define whether a rule is in the process of development or ready to be picked for analysis.

   

  Note: Use the BusinessControl.xml file to modify the existing categories or to add new categories for rules.

  For details, refer to the Platform Configuration Settings document.

• Keywords

  Associate a keyword with this rule.

  Keywords can be associated with rules and parameter lists, and are used while scheduling an analysis. Tagging rules or parameter lists with keywords helps you group specific rules and parameters lists and eliminates the need to browse for and select them while scheduling an analysis.

  To assign a keywords with this rule:

  1. Select the All check box if you want to associate all existing keywords with this rule.

  2. To select specific keywords, type in a part of the keyword name in the autosuggest text box. All keywords matching the search criteria are displayed. Select the required keyword.
     Alternatively, click the Browse icon to browse for and select the required keywords and click OK. The selected keywords are added in the Keywords field.

   

• Risk Description

  Provide any additional information to describe the purpose of the rule or any other information to elaborate on the rule name.

• Control Objectives

  Provide a control objective to communicate why this rule exists.

• Documentation

  Provide any documentation that you may want to provide for the rule.

• Supporting Documentation

  Add contextual links to reference additional documentation.

  Provide the reference name and the reference link and click the Add icon.

• Owners

  Select users who will be the business process owners or rule owners for this rule. The Administrator and the creator of the rule are its default owners.

  The creator of the rule can assign other users as owners of this rule and business process owners. Rule owners have the authority to modify or delete the rules they own and also add or remove other rule owners or business process owners as long as the roles they are assigned contain the required permissions.

  In the rule ownership hierarchy, the business process owner if below the rule owner. Business process owners have the same rights as rule owners; but cannot add or remove users as rule owners and business process owners.

   

  Note: Users may be assigned ownership of a rule within a rule book without necessarily owning the rule book. The rule book will be displayed on the Rule Books page. Rule owners may select this rule book but will only be able to view the rules that they own.

   

  To select rule owners or business process owners, click the Browse icon. All existing users in IRC are displayed in the drop-down list. Select the desired rule owners and business process owners.

  Users assigned the Administrator role have the authority to carry out all actions on all rules, irrespective of the rule ownership.

   

  Note: Ownership of rules can also be assigned while creating a new user. The Ownership report displays the owners for rule books, rules, parameter lists, compensating controls and connections in IRC.

   

   

• History

  This field displays the rule modification history. The dates displayed on this tab are according to time zone defined on the Preferences page.

Compensating Controls and Exclusions

Use this panel to:

• Exclude objects from rules

• Assign compensating controls

• Define the users who should receive email notifications if this rule is violated.

You can perform the following actions from this panel:

• Create a compensating control, provided you have the permissions to do this. If you do not have the required permissions, the New tab for creating the compensating control is not displayed on the user interface.

• Assign a compensation control to this rule

  Compensating controls are a list of instructions, procedures or agreements that support the existence of an exception. They are used to mitigate any potential risk as a result of objects excluded from a rule.

  If you are a business process owner for this rule, you can assign compensating controls to the rule. You have the following options:

  • Assign compensating controls to the base rule - When you assign compensating controls to the base rule, all the compensating controls attached to this rule are available to support the exclusions defined for this rule on the Document Exclusions page.

  • Assign compensating controls to the parameter lists associated with the rule: When you assign compensating controls to the parameter list associated with this rule, only those compensating controls attached to the parameter list are available to support the exclusions defined for this rule on the Document Exclusions page.

  Assign compensating controls to a rule as follows:

  1. From the Valid For drop-down list, select base rule to assign the compensating control to the base rule or click Add/remove Parameter Lists to assign the compensating control to a parameter list. The Parameter Lists field is displayed. Provide a parameter list name in the autosuggest text box or click the Browse icon to locate and select the desired parameter list.

  2. In the Compensating Controls tab below, click the Reassign icon. A pop-up window displays a list of all the existing compensating controls.

  3. Select the required compensating control and click  the Reassign icon. The selected compensating controls are displayed in the Compensating Controls field.

   Note: If you have the required permissions to create a new compensating control, you the New button is displayed. Click New to create a new compensating control to assign to the rule.

  For details on the permissions required, refer to the Compensating Controls topic .

  4. Click the date in the Assignment Expiry column to edit the validity of the compensating control assigned to the rule. Provide a date in the text box or click the Calendar icon to select a date from the calendar and click OK. Select the check box Apply to All to apply the same validity date across all the compensating controls assigned to this rule.

   Note: All the dates selected on this panel are saved according to the IRC application server time zone.

   

  Once the compensating control assignment has expired, a notification is automatically sent to the rule owner and rule creator.

• Remove a compensating control

  To remove a compensating control assigned to this rule, select the compensating control and click the Remove icon.

• Exclude an object by direct exclusion

  Certain objects may be excluded from a rule so that they are not generated as violations when an analysis is performed using this rule. Objects can be excluded from a rule directly, by associating parameters with a base rule or through a parameter list.

   

  Note: The objects that can be excluded vary as per the ERP application selected:

  • ION Application: Users, roles and users by user attributes
  • Lawson: Users, roles and users by user attributes
  • SAP - Users, roles, user attributes
  • Oracle - Users, responsibilities, user attributes
  • PeopleSoft - Users, roles, permission lists, user attributes

   

  To directly exclude an object such as user, role, responsibility or permission list:

  1. From the Valid For drop-down list, select base rule to exclude an object directly from a rule.

  2. Click the Exclusions tab.

  3. In the Exclude Specific Object field, select an object from the drop-down list. Alternatively, click the Browse icon to locate and select the desired object. The selected object appears in the grid below.

  To directly exclude an object by object attribute:

  1. From the Valid For drop-down list, select base rule to exclude an object by an object attribute directly from a rule.

  2. Click the Exclusions tab.

  3. In the Exclude object by object Attributes field, you need to define the criteria.

  4. Select an attribute from the drop-down list.

  5. Select an operator from the drop-down list.

  6. Provide the attribute value and click the Add icon. Alternatively, click the Browse icon to locate and select the desired attribute value. Click OK. The selected value will appear in the field.

  By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

• Exclude an object by associating parameters to a base rule

  Certain objects may be excluded from a rule so that they are not generated as violations when an analysis is performed using this rule. Objects can be excluded from a rule directly, by associating parameters with a base rule or through a parameter list.

  Exclude violating objects by parameter:

  Parameters can be used as placeholders for objects. Once parameters are included in a parameter list they can be assigned values prior to an analysis. During analysis, the parameters are replaced with the actual values.

  For example:

  Assume that you have a user named John in your US office and you want to exclude John (US) from analysis.

  To do this, you create a parameter User 1 and associate it with your rule.

  During analysis, when you attach a parameter list containing the parameter User 1 and assign the value 'John' to this parameter User 1, only the value John will be excluded from analysis.

  To exclude an object by parameter:

  1. Click the Add Parameters link in the Options field. The Browse Parameters pop-up window is displayed.

  2. Select the required parameter and click OK. The parameter is displayed in the Exclude Specific Attributes field.

  3. Click the View Parameter Values link to provide values to the parameter.

  4. By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

  5. The expiry date can also be set from the Document Exclusions page.

  Note: Authorizations Insight for Lawson rules and Authorizations Insight for ION Applications rules do not support this feature.

• Exclude an object by associating a parameter list

  Associate a parameter list to a rule to ensure that when the rule is analyzed, only the values for the parameters in the associated parameter list are excluded from analysis, even if multiple parameter lists are attached during analysis.

  For example, assume that you have a user named John in your US office and another user named John in your UK office. You want to exclude John (US) from analysis.

  To do this, you create a parameter User 1 and include it in the parameter list PL_US. You give User 1 the value  'John' . You then use the same parameter in a second parameter list PL_UK. Again, you give User 1 the value John.

  You associate the parameter list PL_US with your rule.

  During analysis, even if you attach both parameter lists, only the value John from PL_US will be excluded from analysis.

  Note: Before a parameter list can be attached to this rule, parameters need to be created in the Parameter Library, and imported into a Parameter List. Values may be assigned to the parameters at any time prior to analysis. All parameters must have the check box Mark for exclusion selected.

  Associate a parameter list as follows:

  1. Click Add/remove Parameter Lists link to associate a parameter list to the exclusions. The Parameter Lists field is displayed. Provide a parameter list name in the autosuggest text box or click the Browse icon to locate and select the desired parameter list and click Save. The selected parameter list appears in the Valid For drop-down list.

  2. Select the parameter list from the Valid For drop-down list.

  3. In the Exclude Specific Attributes field, select a parameter to exclude and click the Add icon. All parameters available in the selected parameter list will be displayed. Alternatively, click the Browse icon  to locate and select the desired attribute. The selected attribute will appear in the field.

  4. Click the View Parameter Values link to provide values to the parameter.

  5. By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

  6. The expiry date can also be set from the Document Exclusions page.

  Important: Exclusion using parameter lists is not supported for Authorizations Insight for Lawson and Authorizations Insight for ION Applications.

• Provide the names of the users who should receive the notification

  In  the field When this rule is violated, send an email message to, enter the name of the user and click the Add icon or browse to search for users and select the users required.

  Note: Email messages will be sent to the selected users only if you have included these users under the Actions tab when creating the Rule book, and you have enabled notifications for the violation and exception event.

• Send an email using parameters

  The parameter list drives the email addresses used in the alerts. In the field  When this rule is violated, send an email message using parameter - to, provide the parameter name in the autosuggest text box or click the Browse icon to locate the required parameter.

  Before you can avail of this option, ensure that the required parameters are present in the Parameter Library with email selected as the technical name.

Rule Conditions

Use the Conditions tab to build a rule condition for defining the rule criteria. Extracted data is analyzed against these rule conditions. The structure of your rule condition depends on the Insight and the rule type selected.

The Authorizations Insight has following two types of rules:

• Sensitive or Conflict rule: While creating a rule when you select Sensitive or Conflict rule as the rule type on the Rule Details tab then, by default, a sensitive rule can be created on the Conditions tab. To create a conflicts rule, click the Convert to Conflicts Rule button on the Conditions tab. The Conditions tab also displays the Recent and Favorites panels:

• Recent panel

  The Recent panel collects and displays objects used most recently by users for rule building. Users can add objects from the Recent panel to the rule builder panel by dragging the required objects from the Recent panel and dropping them in the rule builder panel.

  Save the changes made to the Recent panel to retain the changes.

• Favorites panel

  Favorites panel displays the objects added as favorites by the signed in user. Users can add objects from the Favorites panel to the rule builder panel by dragging them from the Favorites panel and dropping them in the rule builder panel. Objects can also be added from the Recent panel and the rule builder panel to the Favorites panel. To add the objects, use the Add to Favorites button or drag the objects from Recent panel or rule builder panel and drop them in the Favorites panel.

  Save the changes made to the Favorites panel to retain the changes.

   

The number of rows of information displayed on the rule builder tree panel, the Favorites panel, and the Recent panel are configured from the Page Options panel on the Preferences page.

• Limits rule: A limits rule can be created on the Conditions tab when the rule type is selected as Limits rule on the Rule Details tab. A limits rule limits the access to a role/responsibility to a predefined number of users.

In case of secured connections, users creating a rule will be able to view and browse objects from only those connections that they have access to.

For details on building rule conditions, refer to the respective sample rules:

• Sample rules for Authorizations Insight for ION Applications

• Sample rules for Authorizations Insight for Lawson

• Sample Rules for Authorizations Insight for SAP

• Sample Rules for Authorizations Insight for Oracle

• Sample Rules for Authorizations Insight for PeopleSoft

• Sample Rules for Authorizations Insight for SAP Enterprise Portal

User Activity Insight Rules

Rules for the User Activity Insight are created to analyze data extracted for the User Activity Insight. When the extracted data violates a User Activity Insight rule, IRC reports a violation.

To create an User Activity Insight rule:

1. Add information on the General Information panel as explained below.

2. Provide the risk description, control objective and assign owners for the rule.

3. Specify the users to be notified when violations are reported against this rule.

4. Click the Conditions tab.

5. Provide the rule conditions

6. Click Save to save the rule. The rule now appears in the list of rules for the selected rule book.

Provide details for the new rule in the following panels:

General Information

Use this panel to provide the following general information:

• Rule Name

  Provide a unique name to identify the purpose of the rule. If a rule with the specified name already exists in the rule book, the application prompts you to enter a new name.

• Control Number

  This number identifies the rule and may be numeric or alphanumeric

• Rule Type

  From the drop-down list, select the Insight and the rule type for the new rule.

  User Activity Insight has sensitive and  conflicts rule types. When you select the Sensitive or Conflict rule as the rule type a sensitive rule is created by default. To create a conflicts rule, click the Convert to Conflicts Rule button on the Conditions tab.

   

   

• Object

  From the drop-down list, select 'Transaction' as the object to be defined for the rule. The only object available for the User Activity Insight is Transaction.

• Priority

  From the drop-down list, select the rule priority for the action to be taken when a violation is detected. This priority can be used to filter report results.

• Expires on

  Select the date on which to terminate the rule.

  Click the Calendar icon to select the expiry date or leave as Never Expires. The date selected here is according to the IRC application server time zone.

   

• Enabled

  Select this check box to enable the rule. Only enabled rules are considered for analysis. Rules can also be enabled or disabled from the Rules page

   

• Status

  From the drop-down list, select the rule status: Draft, In Review or Final. The status of the rule does not impact analysis. It is informational only.

• Category

  Define whether a rule is in the process of development or ready to be picked for analysis.

   

   Note: Use the BusinessControl.xml file to modify the existing categories or to add new categories for rules.

  For details, refer to the  Infor Risk & Compliance Platform - Configuration Settings document.

   

• Keywords

  Associate a keyword with this rule.

  Keywords can be associated with rules and parameter lists and are used while scheduling an analysis. Tagging rules or parameter lists with keywords helps you group specific rules and parameters lists and eliminates the need to browse for and select them while scheduling an analysis.

  To select keywords:

  1. Select the All check box if you want to associate all existing keywords with this rule.

  2. To select specific keywords, type in a part of the keyword name in the autosuggest text box. All keywords matching the search criteria are displayed. Select the required keyword.
     Alternatively, click the Browse icon to browse for and select the required keywords and click OK. The selected keywords are added in the Keywords field.

   

• Risk Description

  Provide any additional information to describe the purpose of the rule or any other information to elaborate on the rule name.

• Control Objectives

  Provide a control objective to communicate why this rule exists.

• Documentation

  Provide any documentation that you may want to provide for the rule.

• Supporting Documentation

  Add contextual links to reference additional documentation.

  Provide the reference name and the reference link and click the Add icon.

• Owners

  Select users who will be the business process owners or rule owners for this rule. The Administrator and the creator of the rule are its default owners.

  The creator of the rule can assign other users as owners of this rule and business process owners. Rule owners have the authority to modify or delete the rules they own and also add or remove other rule owners or business process owners as long as the roles they are assigned contain the required permissions.

  In the rule ownership hierarchy, the business process owner if below the rule owner. Business process owners have the same rights as rule owners; but cannot add or remove users as rule owners and business process owners.

   

  Note: Users may be assigned ownership of a rule within a rule book without necessarily owning the rule book. The rule book will be displayed on the Rule Books page. Rule owners may select this rule book but will only be able to view the rules that they own.

   

  To select rule owners or business process owners, click the Browse icon. All existing users in IRC are displayed in the drop-down list. Select the desired rule owners and business process owners.

  Users assigned the Administrator role have the authority to carry out all actions on all rules, irrespective of the rule ownership.

  Ownership of rules can also be assigned while creating a new user.

   

  Note: The Ownership report displays the owners for rule books, rules, parameter lists, compensating controls and connections in the application.

• History

  This field displays the rule modification history. The dates displayed on this tab are according to time zone defined on the Preferences page.

Notifications

The Notifications panel enables you to send an email notification to specific users in case this rule is violated. There are two ways to do this:

• Provide the names of the users who will receive the notification

  In the field When this rule is violated, send an email message to, enter the name of the user and click the Add icon or click the Browse icon to search for users and select the users required.

• Send an email using parameters

  The parameter list drives the email addresses used in the alerts. In the field  When this rule is violated, send an email message using parameter - to, provide the parameter name in the autoselect text box or click the Browse icon to locate the required parameter.

   

  Note: Before you can avail of this option, ensure that the required parameters are present in the Parameter Library with email selected as the technical name.

   

Rule Conditions

Use the Conditions tab to build rule conditions for defining the rule criteria. Extracted data will be analyzed against these rule conditions. The structure of your rule condition depends on the Insight and the rule type selected.

There is one basic rule type for the User Activity Insight for SAP:

Sensitive or Conflicts rule: While creating a rule when you select Sensitive or Conflict rule as the rule type on the Rule Details tab then, by default, a sensitive rule can be created on the Conditions tab. To create a conflicts rule, click the Convert to Conflicts Rule button on the Conditions tab.

The Conditions tab also displays the Recent and Favorites panels:

• Recent panel

  The Recent panel collects and displays the objects used most recently by users for rule building. A user can add objects from the Recent panel to the rule builder panel by dragging the required objects from the Recent panel and dropping them in the rule builder tree panel.

  Save the changes made to the Recent panel to retain the changes.

• Favorites panel

  Favorites panel displays the objects added as favorites by the signed in user. Users can add objects from the Favorites panel to the rule builder panel by dragging them from the Favorites panel and dropping them in the rule builder panel. Objects can also be added from the Recent panel and the rule builder panel to the Favorites panel. To add the objects, use the Add to Favorites button or drag the objects from Recent panel or rule builder tree and drop them in the Favorites panel.

  Save the changes made to the Favorites panel to retain the changes.

The number of rows of information displayed on the rule builder tree panel, the Favorites panel and the Recent panel are configured from the Page Options panel on the Preferences page.

In case of secured connections, users creating a rule will be able to view and browse objects from only those connections that they have access to.

For details on building rule conditions, refer to the Sample Rules for User Activity Insight.

Test Rule

Click the Test Rule tab to test your rule and verify whether the rule returns the expected results. For details on testing your rule refer to the section below.

Process Insights Rules

Process Insight rules include rules for Lawson, ION Application and SAP.

Rules for the Process Insights can be broadly classified as follows:

• Simple rule

• Duplicate rule

• Baseline rule

• Math rule

• SQL rule

To create a Process Insight rule:

1. Add information on the General Information panel as explained below.

2. Provide the risk description, the control objective, and assign owners for the rule.

3. Specify the compensating controls to be attached to the rule, and the object attributes to be excluded.

4. Click the Conditions tab to build the rule condition.

5. Click the Reporting Fields tab to add the reporting fields and the rule summary.

6. Click the Test Rule tab to test the rule for any exceptions, if required.

7. Click Save to save the rule. The rule now appears in the list of rules for the selected rule book.

Provide details for the new rule in the following panels:

General Information

Use this panel to provide the following general information about the rule:

• Rule Name

  Provide a unique name to identify the purpose of the rule. If a rule with the specified name already exists in the rule book, you are prompted to enter a new name.

• Control Number

  This number identifies the rule and may be numeric or alphanumeric.

• Rule Type

  For the Process Insight the rule type is Process Rule.

• Object

  When you select the rule type as process rule, the Object field is disabled.

  The object for process rules are selected from the Conditions tab.

• Priority

  From the drop-down list, select the rule priority for the action to be taken when an exception is detected. This priority can be used to filter results.

• Expires on

  Select the date on which to terminate the rule.

  Click the Calendar icon to select the expiry date for the user or leave as Never Expires. The date selected here is according to the IRC application server time zone.

   

• Enabled

  Select this check box to enable the rule. Only enabled rules participate in analysis. Rules can be enabled or disabled from the Rules page as well.

   

• Status

  From the drop-down list, select the rule status: Draft, In Review or Final. The status of the rule does not impact analysis. It is informational only.

• Category

  Define whether a rule is a production rule or a development rule. You can use the BusinessControl.xml file to modify the existing categories or to add new categories for rules.

  For details, refer to the Platform - Configuration Settings document.

• Keywords

  Associate a keyword with this rule.

  Keywords can be associated with rules and parameter lists and are used while scheduling an analysis. Tagging rules or parameter lists with keywords helps you group specific rules and parameters lists and eliminates the need to browse for and select them while scheduling an analysis.

  To select keywords:

  1. Select the All check box if you want to associate all existing keywords with this rule.

  2. To select specific keywords, type in a part of the keyword name in the autosuggest text box. All keywords matching the search criteria are displayed. Select the required keyword.
     Alternatively, click the Browse icon  to browse for and select the required keywords and click OK. The selected keywords are added in the Keywords field.

   

• Risk Description

  Provide any additional information to describe the purpose of the rule or any other information to elaborate on the rule name.

• Control Objectives

  Provide a control objective to communicate why this rule exists.

• Documentation

  Provide any documentation that you may want to provide for the rule.

• Supporting Documentation

  Add contextual links to reference additional documentation.

  Provide the reference name and the reference link and click the Add icon.

• Owners

  Select users to assign the business process owner or rule owner for this rule.

   

  Note: An user can be assigned an ownership for a rule within a rule book and not necessarily have the ownership of the rule book. However, the rule book will still display on the Rule Books page and when the user selects this rule book only the rules assigned to him will be displayed. The user will not be able to view the other rules in the selected rule book.

  The rule owner is the creator of the rule and is also its default owner. Rule owners have full administrative permissions over the rule. Rule owners can add and remove other rule owners and business process owners.

  Business process owner stands below the rule owner in the rule ownership hierarchy. Business process owners have the same rights as rule owners; but cannot add or remove rule owners and business process owners.

  To select rule owners or business process owners, click the Browse icon. All existing users in IRC are displayed in the drop-down list. Select the desired rule owners and business process owners.

  Users assigned the administrator role have the authority to carry out all actions on all rule books, irrespective of the rule book ownership.

   

  Note: Ownership of rules can also be assigned while creating a new user.

   

  Ownership Report

  The Ownership report displays the owners for rule books, rules, parameter lists, compensating controls and connections in IRC.

• History

  This field displays the rule modification history. The dates displayed on this tab are according to time zone defined on the Preferences page.

Compensating Controls, Exclusions and Notifications

Use this panel to:

• Exclude objects from rules

• Assign compensating controls

• Define the users who should receive email notifications if this rule is violated.

You can perform the following actions from this panel:

Compensating controls are a list of instructions, procedures or agreements that support the existence of an exception. They are used to mitigate any potential risk as a result of objects excluded from a rule.

Exclusions are objects that may be authorized to perform certain actions that generate exceptions. Such objects need to be excluded from the rule so that they are not included in the list of exceptions.

All exclusions have an expiry date which specifies how long the exclusion is valid for the rule. The expiry date can be set from the Document Exclusions page and is modifiable. After the expiry date, the object will no longer be excluded from the rule.

Objects can be excluded from a rule directly, by associating parameters with a base rule or through a parameter list.

You can also send an email notification to specific users in case a rule is violated. This can be done by providing names of the users who will receive the notification or by using a parameter.

This panel enables you to:

• Create a Compensating Control

• Assign a compensation control to this rule

  Compensating controls are a list of instructions, procedures or agreements that support the existence of an exception. They are used to mitigate any potential risk as a result of objects excluded from a rule.

  If you are a business process owner for this rule, you can assign compensating controls to the rule. You have the following options:

  • Assign compensating controls to the base rule - When you assign compensating controls to the base rule, all the compensating controls attached to this rule are available to support the exclusions defined for this rule on the Document Exclusions page.

  • Assign compensating controls to the parameter lists associated with the rule: When you assign compensating controls to the parameter list associated with this rule, only those compensating controls attached to the parameter list are available to support the exclusions defined for this rule on the Document Exclusions page.

  Assign compensating controls to a rule as follows:

  1. From the Valid For drop-down list, select base rule to assign the compensating control to the base rule or click Add/remove Parameter Lists to assign the compensating control to a parameter list. The Parameter Lists field is displayed. Provide a parameter list name in the autosuggest text box or click the Browse icon to locate and select the desired parameter list.

  2. In the Compensating Controls tab below, click the Reassign icon. A pop-up window displays a list of all the existing compensating controls.

  3. Select the required compensating control and click the Reassign icon. The selected compensating controls are displayed in the Compensating Controls field.

  Note: If you have the required permissions to create a new compensating control, you the New button is displayed. Click New to create a new compensating control to assign to the rule.

  For details on the permissions required, refer to the Compensating Controls topic .

  4. Click the date in the Assignment Expiry column to edit the validity of the compensating control assigned to the rule. Provide a date in the text box or click the Calendar icon to select a date from the calendar and click OK. Select the check box Apply to All to apply the same validity date across all the compensating controls assigned to this rule.

  Note: All the dates selected on this panel are saved according to the IRC application server time zone.

   

  Once the compensating control assignment has expired, a notification is automatically sent to the rule owner and rule creator.

• Remove a compensating control

  To remove a compensating control, select the compensating control to delete and click the Remove icon.

• Exclude an object by direct exclusion

  Certain objects may be excluded from a rule so that they are not generated as violations when an analysis is performed using this rule. Objects can be excluded from a rule directly, by associating parameters with a base rule or through a parameter list.

   

  To directly exclude an object:

  1. From the Valid For drop-down list, select base rule to exclude an object directly from a rule.

  2. Click the Exclusions tab.

  3. In the Exclude Specific Object field, select an object from the drop-down list. Alternatively, click the Browse icon to locate and select the desired object. The selected object will appear in the field.

  To directly exclude an object by object attribute:

  1. From the Valid For drop-down list, select base rule to exclude an object by an object attribute directly from a rule.

  2. Click the Exclusions tab.

  3. In the Exclude object by object Attributes field, you need to define the criteria.

  1. Select an attribute from the drop-down list.

  2. Select an operator from the drop-down list.

  3. Provide the attribute value and click the Add icon. Alternatively, click the Browse icon to locate and select the desired attribute value. Click OK. The selected value will appear in the field.

  By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

  This expiry date can be defined from the Document Exclusions page and is modifiable. Once the expiry date has passed, the object is included in the analysis using that rule.

• Exclude an object by associating parameters to a base rule

  Certain objects may be excluded from a rule so that they are not generated as violations when an analysis is performed using this rule. Objects can be excluded from a rule directly, by associating parameters with a base rule or through a parameter list.

   

  Exclude violating objects by parameter:

  Parameters can be used as placeholders for objects. Once parameters are included in a parameter list they can be assigned values prior to an analysis. During analysis, the parameters are replaced with the actual values.

  For example:

  Assume that you have a user named John in your US office and you want to exclude John (US) from analysis.

  To do this, you create a parameter User 1 and associate it with your rule.

  During analysis, when you attach a parameter list containing the parameter User 1 and assign the value 'John' to this parameter User 1, only the value John will be excluded from analysis.

  To exclude an object by parameter:

  1. Click the Add Parameters link in the Options field. The Browse Parameters pop-up window is displayed.

  2. Select the required parameter and click OK. The parameter is displayed in the Exclude Specific Attributes field.

  • Click the View Parameter Values link to provide values to the parameter.

  • By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

  • The expiry date can also be set from the Document Exclusions page.

   

• Exclude an object by associating a parameter list

  Associate a parameter list to a rule to ensure that when the rule is analyzed, only the values for the parameters in the associated parameter list are excluded from analysis, even if multiple parameter lists are attached during analysis.

  For example, assume that you have a user named John in your US office and another user named John in your UK office. You want to exclude John (US) from analysis.

  To do this, you create a parameter User 1 and include it in the parameter list PL_US. You give User 1 the value  'John' . You then use the same parameter in a second parameter list PL_UK. Again, you give User 1 the value John.

  You associate the parameter list PL_US with your rule.

  During analysis, even if you attach both parameter lists, only the value John from PL_US will be excluded from analysis.

   

  Note: Before a parameter list can be attached to this rule, parameters need to be created in the Parameter Library, and imported into a Parameter List. Values may be assigned to the parameters at any time prior to analysis. All parameters must have the check box Mark for exclusion selected.

   

  Associate a parameter list as follows:

  1. Click Add/remove Parameter Lists link to associate a parameter list to the exclusions. The Parameter Lists field is displayed. Provide a parameter list name in the autosuggest text box or click the Browse icon to locate and select the desired parameter list and click Save. The selected parameter list appears in the Valid For drop-down list.

  2. Select the parameter list from the Valid For drop-down list.

  3. In the Exclude Specific Attributes field, select a parameter to exclude and click the Add icon. All parameters available in the selected parameter list will be displayed. Alternatively, click the Browse icon to locate and select the desired attribute. The selected attribute will appear in the field.

  • Click the View Parameter Values link to provide values to the parameter.

  • By default, there is no expiry date for these exclusions. To edit this expiry setting, click Edit Expiration Date. Select the required date and click OK. Select the check box Apply to all to apply this expiration date to all the selected exclusions. The exclusion expiration date selected here is according to the IRC application server time zone. Once the expiry date has passed, the object is included in the analysis using that rule.

  • The expiry date can also be set from the Document Exclusions page.

• Provide the names of the users who will receive the notification

  In  the field When this rule is violated, send an email message to, enter the name of the user and click the Add icon or click the Browse icon to search for users and select the users required.

• Send an email using parameters

  The parameter list drives the e-mail addresses used in the alerts. In the field. When this rule is violated, send an e-mail message using parameter - to, provide the parameter name in the autoselect text box or click the Browse icon to locate the required parameter.

  Before you can avail of this option, ensure that the required parameters are present in the Parameter Library with e-mail selected as the technical name

   

Rule Conditions

The Conditions tab enables you to select rule objects and define rule conditions. To do this, click the Add/Edit Rule Conditions. A pop-up window opens, displaying the following tabs:

• Select Objects

  Use this tab to select the primary object as well as other objects required to build the rule condition. The primary object is the object on which the exceptions count is based. Only one primary object may be selected for a rule.

  In some business cases you might need to select multiple objects for rule building. As only one primary object can be selected, the additional objects can be selected from the Other Objects field. It is not mandatory to select other objects as they are not the cause of the exceptions.

  It is mandatory to select a Primary Violating Object while building a rule condition, else the system will display an error message. If the objects selected in the Primary Object field and the Other Objects field are related in the schema, the relationship between these objects is displayed in the Relationship Between Objects panel on the Conditions tab.

   

   If the objects selected in the Primary Object field and the Other Objects field are related in the schema, the relationship between these objects is displayed in the Relationship Between Objects panel on the Conditions tab.

  Note:It is mandatory to select a Primary Violating Object while building a rule condition, else the system will display an error message. If you have imported rules and the rule condition does not have a Primary Violating Object, the status of such rules will appear as Expired.

   

  Select the check box Check Duplicate Objects to create a duplicate type rule. When you save a rule, the Check Duplicate Objects check box gets disabled and can not be modified when you edit the rule.

   

• Build Conditions

  Use the Conditions tab to define the rule condition.

  You may want to build a rule with just one group or multiple groups. A group is a set of conditions. A group may contain one or more conditions separated by operators AND or OR. During analysis, IRC evaluates all the conditions in the first group sequentially and then the conditions in the second group depending on the operator.

  You can even right click a condition and click Copy Conditions From to copy an existing condition from the Data Browser. A pop-up window is displayed. On the Rule tab, the Select Rule drop-down list displays all the Process Insight rules in the system. Select the rule condition to be copied and click Add. You can select the rules owned by you as well as the rules owned by other users as all the rules in the system are displayed in the drop-down list.

  Note: When copying conditions, you can choose only those saved Data Browser filters that have been created using the primary objects available in the Select Objects tab on the New Rule page.

  Adding Values

  Each condition consists of:

  • Value set 1 - This is the object attribute. For example, if the primary object is 'Goods Receipt', the object attribute might be 'Goods Receipt~ Goods Receipt Line Reference ~ Purchase Order ID'.

  • Value set 2 - This is the value to be searched for. A value may be a specific value, a date or a NULL or BLANK value.

  • The operator - Select the required operator to define the value to be searched for. Selecting the operator 'Fuzzy match' enables you to define the minimum and the maximum threshold values. The recommended values are 70 and 99 respectively. If these values are not defined, the default minimum (80) and maximum (99) threshold values are taken up.

  You can select value for Value set 2 from any of the following tabs:

  • Select Attribute - This tab enables you to select the object attribute.

  • Literals&Dates&Logicals - This tab enables you to type in a specific value or date. It also enables you to select NULL and/or BLANK values.
    To ensure that fields containing both NULL and BLANK values are considered in an analysis, select both NULL and BLANK as Value Set 2 and use the operator Is any of so that objects with both 'NULL' or  'BLANK' values are considered during analysis. For example, if you wish to identify the goods receipts with no corresponding purchase order, select the primary object as Goods Receipt. Select Purchase Order ID as Value Set 1, NULL and BLANK as Value Set 2 and the operator as Is any of. All the goods receipts with NULL or BLANK values in the field 'Purchase Order ID' will be identified.
    Logical values may be alphabetic, numeric or alphanumeric. For example, a user name or a receipt number can be specified as a logical value.
    Specify a date as Value Set 2 if the Value Set 1 has to be analyzed with the date criteria.

  • Select Parameters - This tab enables you to attach the required parameter as Value Set 2. When an analysis is performed, the specified parameter is substituted by the values from the corresponding parameter list.

   

  Relationship Between Objects

  This panel is displayed only if the objects selected in the Primary Object field and the Other Objects field have a pre-defined relationship in the schema. This relationship is required for accurate analysis results and it is recommended to retain it. However, if required, this relationship can be disabled as follows:

  1. Right-click the field Relationship between. A pop up button is displayed as in the figure below.

  2. Click Disable this relationship. Once disabled, this relationship does not participate in analysis.

For details on building rule conditions for different rule formats, refer to the respective Sample Rules:

• Standard rule

• Duplicate rule

• Baseline rule

• Math rule

• SQL rule

Reporting Fields

• Add reporting fields

  The Reporting tab enables you to select fields that you want to display in the Business Process Exceptions report or the Exceptions Browser and the order in which these fields are to be displayed. Reporting fields can help you better understand your exceptions so that they can be closed out quickly. Reporting fields may belong to the primary object or to the other objects selected even if the other objects are not a part of the rule condition.

  The Business Process Exceptions report can be generated for each process rule type.

  To add reporting fields:

  1. Type a part of the reporting field name in the autosuggest text box and click the Add icon.
     Alternatively, click the Browse icon to browse and locate the desired reporting fields. The Browse Reporting Fields window displays all the reporting fields relevant to the primary object and the other objects selected on the Conditions tab. Select the desired reporting field and click OK.

  2. The selected reporting fields appear in the Name field.

  Important: Adding rule condition is not mandatory for viewing Reporting field values up to two levels i.e. PVO, child of PVO, SVO and child of SVO. However, for viewing reporting field values for subsequent levels, you must define conditions around those objects.

• Rule Summary

  The Rule Summary tab enables you to provide high level information about the reason for the exceptions generated by the primary object in a rule. This information is displayed on the third level of the Exceptions page.

   

   Note: Rule Summary can be provided only for the rules of the Process Insight.
  While building a rule, the objects and fields available for Rule Building, Reporting Field, and Rule Summary are from the Insight Schema. However, the Comparison Value or Calculated Fields are not a part of the Insight Schema and hence are not available for Rule Building, Reporting Fields, or Rule Summary.

   

  To provide the rule summary:

  1. Click Add Text Block . In the free text box provided, enter a summary or description for the selected reporting field.

  2. Click Add Field to select multiple reporting fields and provide descriptions for each.

  3. Click Refresh. The Preview field displays the key output fields in parentheses and the summary text for that object. For example, '[INVOICE_ID] greater than 5000'.

  4. When the rule is analyzed, the place holder [INVOICE_ID] will be replaced with the actual Invoice ID numbers that are greater than 5000 and have generated exceptions.

  5. Click Save. A confirmation message is displayed. The summary for the rule will be displayed on the third level of the Exceptions page

Testing a Rule

When building a rule for Process Insight rule type, you have the option to test your rule against the extracted data in the database to ascertain whether:

• The rule returns the expected results

• Any data meets rule criteria

Test your rule