Violation Details for SAP What-Ifs and Requests

This page provides details of violations generated for the selected What-if analysis or request. This information is displayed on the following panels:

  • General Information : This panel provides general details of the request or the What-if, such as the creator of the What-if or request, the creation date, the connection from which data was extracted. In case of a What-if analysis, this panel also displays the number of rule books and parameters used in the What-if analysis.

    The creation date displayed on this panel is according to the time zone defined on the Preferences page.

    Note: The rule books displayed are Insight-specific even if the 'all rule books' option is selected while creating the What-if. However, if the option 'all parameter lists' is selected, all existing parameter lists are displayed as parameter lists are not Insight-specific.
    Click the Details link to view the Details pop-up window. Depending on the request type, one or all of the following tabs may be displayed on this panel:
    • Proposed Details: The Proposed Details tab displays details of the changes proposed in the request. Depending on the request type, this tab may contain any or all of the following tabs:
      • User Information: This tab displays details of the new user being created, such as, the user ID, the user name and the validity period
      • Role Information : This tab lists all the new roles selected to be assigned to this user. Details of these roles such as the rule type, the validity and the connection in which the role is being assigned are also displayed on this tab
      • Modified Authorizations: This tab is displayed for an Authorization Change request. Depending on whether authorizations are deleted, added or modified in this request, details of the modified authorizations are displayed on the respective tabs.
      • Position Details: This tab is displayed for a Roles to Position request and displays details of the proposed changes to the selected position .
    • Current Details: The Current Details tab displays current details of the user. Depending on the request type, this tab may contain any or all of the following tabs:
      • User Information: This tab displays current details of the selected user.
      • Role Information: This tab displays details of the roles already assigned to the user in the selected connection. You can view details of roles assigned to the user in a specific connection by selecting the required option in the ERP and the Connection fields.
    • Infor Risk & Compliance Roles: This tab is displayed only if Infor Risk & Compliance roles are assigned to the user. Details of these Infor Risk & Compliance roles are also displayed on this tab.
  • Violation Chart : This panel does not display any information if the request has not generated any violations. If the request has generated violations, this panel provides a graphical view of the number of rules generating violations and the priority of violations generated. The total number of rules violated is listed on the right side of the panel.
  • Violating Objects
  • Other Details : This panel displays comments, if any.
This page enables you to perform the following actions on What-Ifs, depending on the task type:
  • Re-Analyze the What-If: Click the Re-Analyze icon to perform the What-If analysis again. You may need to re-analyze What-Ifs in these scenarios:
    • What-If failure for some environmental issue
    • Change in the data or the rule
    Note: You can not re-analyze the What-if analyses that are in the 'in-progress state and in the 'reviewed' state.
  • Review the What-if : Click the Review icon. References to this What-if will be displayed only on the History tab of the What-if home page.
  • Delete the What-if : Click the Delete tab to delete a selected What-if. All references to this What-if will be removed  from the What-if home page, including the History tab.
  • Generate request :The Generate Request icon allows you to generate a request after the What-if analysis is complete. This tab is enabled only if Access Manager is installed with Infor Risk & Compliance. This request goes through an approval process and if it is approved by the assigned approvers, the ERP system is updated with changes. To generate request for the What-if analysis:
    1. Click the Generate icon.
    2. Provide the required information on the New Request page displayed as described in the topic for that request.
    3. Click Send.
This page also enables you to perform the following actions on Requests:
  • Delete a request : The Delete icon is displayed only if the request is in the requestor stage and not moved to the first approval stage.

    Click the Delete icon to delete the selected request. All references to this request are deleted from the system.

  • Edit a request : The Edit icon is displayed on the user interface only if
    • You are the creator of the request or an administrator.
    • The request is in the requestor stage and not yet moved to the approval stages

    Approvers of the request cannot view the Edit tab.

    Edit a request as follows:
    1. Click the Edit icon. The page for this request is displayed.
    2. Make the required changes and click Send. The request is resubmitted for analysis and a confirmation message is displayed.
    3. Click Yes to continue. The request appears on the Requests home page.
  • Send a request : The Send icon is displayed on the user interface only if the request has not generated any violations. Click the Send icon to send the request for approval.
  • Mitigate violations : The Mitigate icon is displayed on the user interface in the following scenarios:
    • You are the creator of the request and the request is in the requestor stage.
    • You are the approver of the mitigation stage of the request.

    A violation can be mitigated by attaching compensating controls to the violated rule. This ensures that the violating object is excluded from all analyses using that rule. Adding Compensating Control during mitigation is mandatory.  You can now configure Infor Risk & Compliance to enable Request Approvers to add comments in addition to adding compensating controls. To enable or disable this feature, select the option Allow comments during Request mitigation .(Configuration->Infor Risk & Compliance system->What-if and Request Settings ->Platform Options). This feature is disabled, by default. Comments will be added to the violation only when Mitigate button is clicked by the approver.

    You may mitigate violations by attaching compensating controls as follows:
    1. Select the violating object on the left panel. The right panel displays all the rules violated by this object. The Compensating Controls field below the rule name lists all the controls already attached to the rule.
    2. Additional compensating controls can be attached. You have the following options to do so:
      • Use compensating controls already available in Infor Risk & Compliance: Select any of the compensating controls already available in Infor Risk & Compliance as follows:
        1. Click Add below the rule name.
        2. From the Create Compensating Control window displayed, select the check box next to the required controls.
        3. Click OK.
      • Create new compensating controls: Create a new compensating control to be attached to the violated rule as follows:
        1. Click Add below the rule name.
        2. In the Create Compensating Control window displayed, expand the Create New Compensating Control panel.
        3. Specify the required details on the General Information and Supporting Documentation tabs.
        4. Click Save. The newly created control is added to the list of compensating controls displayed below.
        5. Select the check box next to this control and click OK.
    3. Click the Mitigate icon. Violations mitigated by attaching compensating controls are marked with an icon.
    4. Click Send. The request moves to the Inbox and the Requests home page of the next stage approver and to the History tab of the signed-in user.
  • Remove violating objects : Removing violating objects from this page means removing the objects for which changes are requested. If any of the violating objects are removed, Infor Risk & Compliance analyzes the request again for  new violations. Remove a violating object as follows:
    1. On the left panel, select the required violating object.
    2. Click the Remove icon. A message is displayed on this panel stating that the request is resubmitted for analysis.
Note: Click the Download icon to download the data on this page to a CSV format. Note that data in the CSV file will be displayed in the default format for this page even if it has been sorted. Data sorting has no impact on the data displayed in the downloaded file.
Related topics
Requests
What if Analysis