Release Notes EZ-Compliance 2022a-SP1 (build 1.22.11.4332)

Release Notes EZ-Compliance 2022a-SP1 (build 1.22.11.4332)

New and/or Adjusted Functionality

Access Scan – EAMS (TICKET 1885)

In the Access Scan a new option is added in the section Child Option/Filters. In the sub section “Include Child Access Points in Scan” the option “Both (satellite Sessions Compatible)” is added.

 
In the situation, that the child access point authorizations are generated based on the sub-application modeling information, no authorizations are generated for the so-called satellite sessions. The new option provides the ability to generate authorizations using the sub-application modeling information and the satellite session. The satellite session information is to be loaded through the Parent-Child Access Point information.

Temp Employees purge (Preventive Scan) (TICKET 1886)

For a New Employee Preventive Scan, the New Employee is created in the Employee table. In the situation the Preventive Scan was not completed or terminated, the Employee was not removed from the Employee table. This situation is now monitored and the temporary Employee is deleted from the table for these situations.

EZ-Compliance Services Regional Settings Validation (TICKET 1899)

To avoid the Background Service from stopping to run, a check on the Regional Settings is executed upon starting the Background Services. In the situation the setting is not US-EN, a warning is raised when starting the Service that this setting is incorrect. Also when connecting to a Repository (by the Background Service) this validation is done. If the Regional Setting is not US-EN, the connection to that Repository is skipped. 

Review Authorizations Status vs Review Action (TICKET 1902)

A new web portal report for the PAR Owner is added. The purpose of the Report is to report which Access Review Actions have not yet been followed up to. The Report is available to the PAR Owner from the PAR Owner Dashboard (My Periodical Access Reviews – As Owner). The PAR Owner can select a specific PAR Cycle and bring the contextual menu (right click on the record). A new option is added: “Authorizations vs Access Review”.

 
The report will only include the PAR Review Records, which do NOT have the final Review Actions set to “Keep-as-is”. (So only those records are included for which the last review action is of the values:
  1. To be Deleted
  2. To be Restricted
  3. Was Deleted
  4. Was Restricted
The report is NOT available for PAR Cycles if Review Level “Business Function”. If this option is selected for an PAR Cycle with Review Level “Business Function, a message is shown “Report is not available for Periodic Access Review Cycle with Review Level: Business Function”. For all other Review levels the Report is available.

For PAR Review Records with he last Review Actions  – “ To be Deleted” and/or  “Was Deleted” the Current Authorization Status is determined as follow:
  1. In the situation that the Authorization still present
    1. Status: Authorization Still Present
  2. In the situation that No Authorization is present
    1. Status: Authorization was Deleted
For PAR Review Records with he last Review Actions  – “ To be Restricted” and/or  “Was Restricted” the Current Authorization Status is determined as follow:
  1. In the situation that at least one Authorization is present with Higher Access Level
    1. Status: Authorization Still Present with Higher Access Level
  2. In the situation that All Authorizations are present with Equal or Lower Access Level
    1. Status: Authorization was Restricted to (show highest available Access Mode / Level)
  3. In the situation that No Authorization are present
    1. Status: Authorization was Deleted
The report shows the following columns. In case of Review Level “Company” and “Role” some columns will not show (as indicated in then table by NA.

Conflicting Role Report (TICKET 1903)

A new web portal report is added, Conflicting Roles. This report is accessible through the Menu Section “Segregation of Duties”.

The report shows the roles which are conflicting based on a “what-if” analysis. Per conflicting Role combination, the number of actual/ active conflicts per status are shown.

The “what-if” conflicting roles are determined by the following logic:
  1. A virtual employee will be assigned ALL Roles currently present in the actual authorizations
  2. The Role Content is resolved NOT including the Company number (see also preventive scan options)
  3. During a normal Conflict Scan, the “virtual” conflicts are determined; based on which the conflicting roles are determined.
The report shows which Roles will be conflicting which each other and which Roles actually result in real conflicts.
Note: the Preventive Scan Options as configured in the Environment Settings are NOT taken into account when calculating the virtual conflicts.

The Report includes the following columns:
  1. Role 1 Code
  2. Role 1 Description
  3. Role 2 Code
  4. Role 2 Description
  5. Opened / Not mitigated (shows number of open conflicts – resolution defined and applied both not checked)
  6. Reviewed (show number of conflicts in review – resolution defined checked, resolution applied not checked)
  7. Closed / Mitigated (shows number of closed/mitigated conflicts (resolution defined and applied both checked)
For a report line a contextual menu can be called:

 
From the contextual menu, 2 separate reports can be called:
  1. the actual conflicts  for the conflicting roles of the line selected.
  2. the virtual / simulated conflicts for the conflicting roles of the selected line.

KPRI Email notifications properties (TICKET 1907)

With the merge of EZ-Compliance and EZ-Dashboard, the email notifications settings for EZ- Dashboard were not moved over. The settings have ben added to the Environment Settings in the Folder “Notifications”.

Web Portal – Change Passwd (TICKET 1916)

In web portal in the section “My Settings” the Change password is now shown as a hyperlink. If the Authentication settings are set to Authenticate through AD (either general or user specific) the option to Change the passwd is not visible. 

Client – Ability to maximize theKPRI Dialogue (TICKET 1917)

Added the ability to maximize the KPRI grid dialogue in the Client.

Resolution Rule – Allow SQL Text based Scope (TICKET 1920)

In case the scope of a resolution rule is complex and can not be created through he “helper”, the ability to add a SQL text based scope to has been added. If the sql-text based scope is added, the helper scope is cleared. If a helper based scope is added to the resolution rule the text based scope is cleared. 

Client: Business Control Testing Schedule Grid

The column “Next Status” has been renamed to “Pending Status” in line with the Web Portal Reports.

DEM Import

The File format detection has been adjusted to account for newer DEM files to be imported.

Conflict Report (Id=6)

The Resolution Rule Code and Description are added to the report.

Client: Pick Company Dialogue

The option to pick Company  <empty>, in the popup dialogue were multiple companies can be selected, is removed.

Bug Fixes

Web Portal – Manual Authorizations (TICKET 1890)

The Web-portal was not taken the Company Owner Permissions into account when the viewing Manual Authorization(s)

Duplicate records count (TICKET 1892)

Two issued have addressed related to the openERP Event Log:
  1. The duplicated records count in the openERP import log was calculated incorrect. 
  2. The Authorization Employee Group Code as showing as the Authorization Employee Group Description

Copy Repo to Repo PAR Unhandled exception error (TICKET 1896)

When copying PAR data from one repository to another, utilizing the Copy from Repo to Repo utility, an error occurred. This has been corrected.

PAR Saving Error (TICKET 1906)

An error occurred while saving an existing PAR. This happens if the PAR code is already been archived. When the system saves a PAR, if a PAR with the exact same code is already archived it will prompt this message, effectively preventing the user from Saving. An adjustment has been made to allow to save an existing PAR which already has been archived.

Conflicts – View Conflict Rule Information (TICKET 1909)

From the Conflict Report (id=6) and through the contextual menu the Conflict Rule Information (Infos id=5) is available. There was an issue in the sub-report with showing the associated Risks. This is now resolved and the Risks (if associated) are now showing.

View Risk an Performance Indicators (TICKET 1910)

The export to excel from the KPRI Web Portal Dashboard, resulted in zero records being exported. This issue has been resolved.

PAR Delete – error (TICKET 1911)

Deleting multiple Completed PAR Cycles could result in an error. This has been resolved.

KPRI – User Accesses/Permissions not applied properly (TICKET 1912)

The web portal report Enterprise Risk & Performance Monitoring did not apply the User Permissions correctly. This has been corrected.

Client Manual Edit of Resolution Data (TICKET 1923)

In the case the Conflict Resolution Data was edited through the Client, an error could occur. This has been corrected. Further the behavior is adjusted, that if the Resolution data is edited the Name and Date are also filled and the Resolution Defined checkmark is set. If all resolution data is cleared, the checkmark Resolution Defined is also unchecked.

EZ-Compliance Risk Import

The Risk Import validation has been changed from "needs 6 columns" to "needs at least 1 column".