Installation Instructions for Hot Fix D17025

HP-UX IPF

Hot fix D17025 addresses the issue(s) in SAS Enterprise GRC 4.3 on HP-UX IPF as documented in the Issue(s) Addressed section of the hot fix download page:

http://ftp.sas.com/techsup/download/hotfix/HF2/D17.html#D17025

D17025 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as indicated. See the Container Hot Fixes section in the Maintenance Install Tool (MIT) Usage Guide for more information about container hot fixes.

D14025 for SAS Enterprise GRC Administrative Tools 4.3
D15031 for SAS Enterprise GRC Mid-Tier 4.3
H86002 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3

IMPORTANT NOTES

1. Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

2. You must have Administrator Privileges on your CLIENT or SERVER machine.

3. All currently active SAS sessions, daemons, spawners and servers must be terminated before applying this hot fix.

4. This hot fix should be installed using the same userid who performed the initial software installation.

5. After installing the hot fix if you get an exception like this when using SAS Enterprise GRC 4.3:

   an exception occurred processing JSP page /tiles/CSA/assessment/ratingsSummary/ratingsSummaryEditor.jsp

   then follow SAS Note 50525 for resolution.

INSTALLATION

If the updated components of this product are installed on multiple operating systems, you must download the hot fix for the appropriate operating system(s) and follow the installation instructions provided to complete the deployment of this hot fix.

The installer downloaded is D17025hx.bin.

When downloading SAS 9.2 hot fix packages, you must choose to Save the hot fix to disk, then execute the install from the saved location. Attempting to install a hot fix directly from the download page results in the error documented in SAS Note 37104.

To install the hot fix:

1. Verify that the installation binary has execute permission. If it does not, use the chmod command to make it executable.

$> chmod 755 D17025hx.bin

export DISPLAY=<your_node_name>:0

<path_to_downloaded_file>/D17025hx.bin

./D17025hx.bin

See the Maintenance Install Tool (MIT) Usage Guide for more details on the installation of hot fixes.

The content of this hot fix is listed in the hot fix manifest.

This completes the installation of D17025. You must perform any "Post-Installation Instructions" documented below to successfully complete the deployment of this hot fix.

POST-INSTALLATION INSTRUCTIONS

For each product installed, click the link to be redirected to post-installation instructions.

D14025 for SAS Enterprise GRC Administrative Tools 4.3
D15031 for SAS Enterprise GRC Mid-Tier 4.3
H86003 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3

D15031 for SAS Enterprise GRC Mid-Tier 4.3

Filter Attachments

As part of this hot fix, we added capabilities to filter the type of attachments allowed in the system. Please follow SAS Note 49870 for details.

Apply Web Application Overrides to SAS Enterprise GRC

As part of this hot fix, we added validation for x_target field to be numeric to the kriDefinitionWizardForm section of validation.xml.

As part of earlier hot fix

1. we added validation for x_target field to be numeric to the IndicatorWizardForm section of validation.xml.

2. we added validation for the custom field specified in "monitor.qba.sort.customfield.name" config option to be required in assessmentWizardForm section of validation.xml.

<SASHOME>/SASOpRiskMonitorMidTier/4.1/Static/wars/sas.oprisk.monitor/WEB-INF

Re-build and Re-deploy Web Application

This hot fix requires that the WebApp be rebuilt and redeployed. Use the following steps to perform this post-installation task:

Step 1: Re-build Web Application

In order for this step to execute correctly, the Metadata Server must be running.

1.1 Invoke the SAS Deployment Manager 9.2

From the SASDeploymentManager directory launch config.exe.
SAS Deployment Manager is installed in the following default location:

<SASHOME>/SASDeploymentManager/9.2

1.2 Select a language in the Choose Language box

1.3 Select Rebuild Web Applications

1.4 Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated

1.5 Specify Connection Information, including the sasadm User ID and Password

1.6 Select Enterprise GRC MidTier 4.3 as the Web Application to Rebuild

1.7 Verify the information on the Summary screen and select Start

1.8 Select Finish when the deployment is complete

This process will update the Enterprise GRC MidTier 4.3 ear in <SASCONFIGDIR>/Web/Staging.
A backup of the original ear file will be placed in the directory below:

<SASCONFIGDIR>/Web/Staging/Backup

Step 2: Re-deploy Web Applications

Re-deploy the web applications based on the instructions for the web application server you are using.

Step 3: Clear the AppServer cache.

For details, contact your administrator.

Two new parameters as follows are now available to be used to control if user can see the close or delete actions for these components.

CPB components:

RiskRatingsSummaryTable
ControlRatingsSummaryTable

New parameters are:

showCloseAction
showDeleteAction

The default value for these 2 parameters is "true" i.e. the close and delete actions will show. If users don't want to show the close and delete actions, then pass these parameters as "false".

Example: In RatingsSummary.xml

<field name="TEMP.populatedRisks" type="component"
component-name="RiskRatingsSummaryTable"
..........
<param name="showCloseAction" value="false" />
<param name="showDeleteAction" value="false" />
...........
</field>

With this hot fix, if the config option is set to monitor.validation.return.returnToOriginator=false, and the Kri Observation validator returns an observation, then it will go to the preceding stage instead of to the originator. However, the message shown during this observation return will still be something like :

Observation for "KRI name" returned to originator.

If user wants to set a different message for this case, then they need to set the key "KriObservationEditor.returnToPrecedingStage.fmt.txt" in customMessages.properties.

For example:

KriObservationEditor.returnToPrecedingStage.fmt.txt=Observation returned to preceding stage

As part of the new feature for allowing multiple recommendations during Accept / Responsd phase of Assessment:

1. Two new config options are introduced. Please add them to your configdata.properties file.
   For reference, check this file in the location:

   <SASHOME>/SASOpRiskMonitorMidTier/4.1/Config/Deployment/Content/Preload/Config

   monitor.risk.allowMultipleRecommendations=false
   monitor.risk.businessOwnerRecommendation.required=true

   Note: setting the above values i.e “monitor.risk.allowMultipleRecommendations=false” and “monitor.risk.businessOwnerRecommendation.required=true” will keep the out-of-box behavior as in the past, i.e., Business Owner can select only one recommendation or add only one recommendation during accept / respond phase of assessment.

2. There are changes made to the RiskInstance screen definition. Please merge and upload the screen definition with these updates.

   Changes in RiskInstance.xml:

   Use the new SelectedRecommendationTableComponent by changing this line:

   From:   <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTable" required="true">

   To:   <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent" required="true">

   Make selected recommendation optional based on config option "monitor.risk.businessOwnerRecommendation.required", ie:
   Remove the required flag from the SelectedRecommendationTableComponent as in this line:

   <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent">

   Add the line to require selectedRecommendation based on config option in the populatedAssessable.riskResponseTypeCd field as follows:

   <field name="populatedAssessable.riskResponseTypeCd" type="dropdown" required="true">
      <label><message key="populatedAssessable.field.riskResponseTypeCd.displayName.txt" /<>/label>
         <on-change>
            <set-visible name="populatedAssessable.acceptanceExpiryDt" test="populatedAssessable.riskResponseTypeCd = 'ACC'" />
            <set-visible name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'" />
            <set-required name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'
              and getConfigValue('monitor.risk.businessOwnerRecommendation.required') = 'true'"/>
         </on-change>
   </field>

   There are changes made to RiskRecommendation screen definition to allow users to flag which recommendation is *selected* out of the multiple recommendations (when monitor.risk.allowMultipleRecommendations=true). Please merge the changes from:

   In RiskRecommendation.xml
   In the initialize block, added:

   <if test="assessment.assessmentStageCd = 'ARD'">
   <set name="selectedFlg" value="true" />
   </if>
   <if test="assessment.assessmentStageCd = 'ASE'">
   <set name="selectedFlg" value="false" />
   </if>

   At the end of the screen, added a field for selectedFlg:

   <field name="selectedFlg" type="boolean" visible="false" >
   <label><message key="recommendation.useToCreateIAP" /></label>
   </field>

   Add the new customization file “RiskInstanceTableRecommendationEntryCustomizations.xml” that is added for the Selected Recommendation table to your content server from:

   <SASHOME>/SASOpRiskMonitorMidTier/4.1/Config/Deployment/Content/Preload/Config/Customizations/ RiskInstanceTableRecommendationEntryCustomizations.xml

   Add the following new message in customMessages.properties:

   recommendation.useToCreateIAP=Use this Recommendation to Create Issue and Action Plans

   These are some optional Customizations information that user can use for certain optional behaviors:

   1. If user wants to have an option to mark one of the recommendations created by Business owner as selected, then they can add the following update to RiskRecommendation.xml screen definition: Change the "selectedFlg" field

      from:
      <field name="selectedFlg" type="boolean" visible="false" >
      <label><message key="recommendation.useToCreateIAP" /></label>
      </field>
      to:
      <field name="selectedFlg" type="boolean" visible="assessment.assessmentStageCd = 'ARD'" >
      <label><message key="recommendation.useToCreateIAP" /></label>
      </field>

      and remove this from initialize block:

      <if test="assessment.assessmentStageCd = 'ARD'">
      <set name="selectedFlg" value="true" />
      </if>
      <if test="assessment.assessmentStageCd = 'ASE'">
      <set name="selectedFlg" value="false" />
      </if>

   2. If user wants to restrict to one selected recommendation, then they can add a validation in RiskInstance.xml screen definition similar to this:

      <if test="assessment.assessmentStageCd = 'ARD' and populatedAssessable.riskResponseTypeCd = 'MIT' and (getConfigValue('monitor.risk.businessOwnerRecommendation.required') EQ 'true')">
      <validation test="(size(filterRecommendations(populatedAssessable.recommendations, true, false, ratingsSummary.frozenDttm))) EQ 1">
      <errmsg><message key="one.recommendation.needed" /></errmsg>
      </validation>
      </if>

      And add the custom message in customMessages.properties:

      one.recommendation.needed= Only one Recommendation must be selected by the business owner during Accept/Respond phase

   New configuration options:
   
   This hot fix introduces new configuration options in the configdata.properties file:

   monitor.nameTxt.maxLength
   monitor.descTxt.maxLength
   monitor.helpTxt.maxLength

   For example, if user sets:

   monitor.nameTxt.maxLength=100
   monitor.descTxt.maxLength=1000
   monitor.helpTxt.maxLength=1000

   then it will give error during data load for KriTemplates and Kris if the name text has more than 100 chars and if description text and help texts have more than 1000 chars.

   monitor.change.reason.required
   monitor.change.reason.key.default

   If monitor.change.reason.required is set to false, GRC will not prompt for change reason. It will use default change reasons that are predefined in GRC or Workflow, and if none available, use the key value of monitor.change.reason.key.default found in customMessages.properties

   For example,
   

   monitor.change.reason.key.default=com.sas.egrc.sample.defaultChangeReason

   in customMessages.properties
   

   com.sas.egrc.sample.defaultChangeReason=This is my sample default change reason

   By default, monitor.change.reason.required is set to true.

   monitor.recovery.totalsUseBookedAmounts

   This option will limit recovery totals to use booked amounts, similar to financial effects. The default is set to false.
   

   - Set to 'true' to use only booked statuses in recovery totals
   - Set to 'false' to include all recovery statuses in recovery totals

   If the option is reset, the application server hosting GRC will need to be restarted.

   monitor.nonRevalidationFields.issue.enabled

   When this option is set to false, all changes in Issue would not cause revalidation.

   By default, or if not specified, this option is set to true.

   monitor.nonRevalidationFields.actionPlan.enabled

   When this option is set to false, all changes in Action Plan would not cause revalidation.

   By default, or if not specified, this option is set to true.

   monitor.validation.nearMissEvent.estimatedAmount

   When the monitor.validation.nearMissEvent.estimatedAmount is set to true, all "near miss" incidents validation stage calculation will based on Estimated Amount of the Incident. Other Incidents will continue to calculate based on total financial amounts.

   By default, or if not specified, this option is set to false.

   monitor.qba.sort.customfield.name

   This config option specifies the custom field name to store user's selection for sort order in Questionnaire Based Assessment (QBA). In this fix we provided changes in SAS code to add a custom field named "x_assessment_sort_order" for Assessment, but user can specify to another custom field with different name if needed. This custom field has to be mapped to the new named list "x_assessment_sort_order_option". If "x_assessment_sort_order" is not a custom field of Assessment, or whatever the custom field name specified by this config option does not exist, QBA will behave the same as before this fix.

   monitor.custfield.sort.riskEventTypes

   When this option is set to false, sorting of custom fields for Risk Event Types tables are disabled, which would improve UI performance in adding Risk Event Types to Questionnaire Templates in certain scenarios.

   By default, or if not specified, this option is set to true.

   monitor.custfield.sort.controlTypes

   When this option is set to false, sorting of custom fields for Control Types tables are disabled, which would improve UI performance in adding Control Types to Questionnaire Templates in certain scenarios.

   By default, or if not specified, this option is set to true.

   If any of the options are reset, the application server hosting GRC will need to be restarted.

   New KRI Functionality: NOTE: If you have completed these steps as part of a previous hot fix application, the steps below can be skipped:
   
   This hot fix introduces new KRI functionality. To enable the added KRI scale type functionality, Scale Type (4), you must add the following custom fields, named lists, and named list mappings to your system, and remove references to the ‘com.sas.oprisk.monitor.view.kri’ keyword in SAS Management Console.

   First, execute the program <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp/orm_job_autoexec.sas

   Custom Fields

    

   Business Object Type Name	Custom Field Name	Custom Field Type	Description
   kri	x_target	NUM	Enables KRI’s to display and store the target value associated with them.
   kriTemplate	x_target	NUM	Enables KRI Definitions to display and store the target value associated with them.
   kri	x_targeted	OPS	Allows saving of new options for KRI scale interpretations when Scale Type of “Scale (4)” is selected. The new options are “Improving Moving toward the center of the scale” and “Improving moving away from the center of the scale”.
   kriTemplate	x_targeted	OPS	Allows saving of new options for KRI definition scale interpretations when Scale Type of “Scale (4)” is selected. The new options are “Improving Moving toward the center of the scale” and “Improving moving away from the center of the scale”.
   kriObservation	x_normalized_score	NUM	Provides the ability for an observation's normalized score to be passed to the operand of ‘X_NORMALIZED_SCORE’ in KRI notification workflows.

    

   Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_custom_field_defs.sas (after "proc sql noprint;" and before "quit"), then execute the program:

   /* Kri Template and Indicator */
   %orm_insert('kri', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
   %orm_insert('kriTemplate', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
   %orm_insert('kri', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
   %orm_insert('kriTemplate', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
   %orm_insert('kriObservation', 'x_normalized_score', 'NUM', null, 'Calculated Score Normalization.');
   

   Named Lists

    

   Named List	Named List Value	Named List Value Row Number	Description
   x_targeted_template	biggerBetter	1	As values increase, the indicator is improving.
   x_targeted_template	smallerBetter	2	As values decrease, the indicator is improving.
   x_targeted_template	targetedOutter	3	As values move away from the target from either direction, the indicator is improving.
   x_targeted_template	targetedCenter	4	As values move toward the target from either direction, the indicator is improving.
   x_targeted_kri	biggerBetter	1	As values increase, the indicator is improving.
   x_targeted_kri	smallerBetter	2	As values decrease, the indicator is improving.
   x_targeted_kri	targetedOutter	3	As values move away from the target from either direction, the indicator is improving.
   x_targeted_kri	targetedCenter	4	As values move toward the target from either direction, the indicator is improving.

    

    

   Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_named_lists.sas (after "%orm_load_translatable_options();" and before "%orm_post_load_processing();"), then execute the program:

   /* Kri Template and Indicator */
   %orm_insert('x_targeted_template', 'biggerBetter', 1);
   %orm_insert('x_targeted_template', 'smallerBetter', 2);
   %orm_insert('x_targeted_template', 'targetedOutter', 3);
   %orm_insert('x_targeted_template', 'targetedCenter', 4);
   
   %orm_insert('x_targeted_kri', 'biggerBetter', 1);
   %orm_insert('x_targeted_kri', 'smallerBetter', 2);
   %orm_insert('x_targeted_kri', 'targetedOutter', 3);
   %orm_insert('x_targeted_kri', 'targetedCenter', 4);
   
   

   Named List Mappings

    

   Business Object Type Name	Custom Field Name	Named List
   kri	x_targeted	x_targeted_kri
   kriTemplate	x_targeted	x_targeted_template

    

   Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_named_list_mappings.sas (after "proc sql noprint" and before "quit;") and execute it:

   /* Load named list mappings */
   
   %orm_insert('kri', 'x_targeted', 'x_targeted_kri');
   %orm_insert('kriTemplate', 'x_targeted', 'x_targeted_template');
   
   

   Updating KRI Report Keyword in SAS Management Console (SMC)

   To enable the updated report display of new Scale Types for KRI’s, references to the keyword ‘com.sas.oprisk.monitor.view.kri’ must be removed. These steps will detail removing from the default location in SMC, if you have customized your system to include the report in alternate locations you will need to address those as well.

   1. Login to SMC.
   2. Click on the "Folders" tab.
   3. Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
   4. Click on the "EnterpriseGRC" folder.
   5. Right click on the "Key Risk Indicators" displayed on the right hand panel and select "Properties" from the displayed drop down.
   6. In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
   7. Click the "Delete" button.
   8. Click "Yes" in the Confirm Delete window.
   9. Click "Ok" at the bottom of the window.
   10. Exit SMC

D14025 for SAS Enterprise GRC Administrative Tools 4.3

1. As part of this hot fix, we moved the logic to validate Financial Effect Amount’s "Date of Booking", and Recovery’s "Accounting Date" to CPB. Please update your Screen Definitions for Financial Effect Amount, Direct Recovery Amount, and Insurance Recovery Amount with validation changes in following CPB XML files:

   <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/EffectAmount.xml
   <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/DirectRecoveryAmount.xml
   <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/InsuranceRecoveryAmount.xml

   For example, in EffectAmount.xml, we added this block of code to validate Financial Effect Amount’s "Date of Booking" field:

   <finalize>
   <validation test="dateOnOrAfterEventDiscoveryDate(financialEffect.businessObject)">
   <errmsg><message key="impactDetailFormEx.error.lossDateBeforeEventDiscoveryDate.txt" /></errmsg>
   </validation>
   </finalize>

   The new function "dateOnOrAfterEventDiscoveryDate" will validate if the Financial Effect Amount’s "Date of Booking" is on or after its corresponding Event’s Discovery Date.

   
   

2. This hot fix updates files used to customize the application's environment and functionality with new options. To use these new options, copy the picklist from the installed location to the configuration directory.

   Copy

   <SASHOME>/SASOpRiskMonitorAdministrativeToosl/4.1/picklist

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCAdminTools/4.3/dbscripts/picklist

D16011 for SAS Enterprise GRC Server 4.3

Notes

A fix has been added to improve the performance of the ETL job responsible for adding custom fields to the opdetail and opreport marts. In order to improve performance, a majority of the data processing is now being done in database. Once the data has been fully prepped, it is then pulled back into SAS datasets. In order to get the much needed performance improvements, we have had to reduce the custom field names from supporting 30 characters to 28 characters. If you have existing custom fields that are using all 30 characters, please update those custom fields to reduce them to 28 characters before applying this hot fix and running the next ETL job. The best practices for naming custom fields is listed below as a reminder.

Naming Conventions and Examples for Creating Custom Fields

It is recommended that you use a standard naming convention for any custom field that you create. The following constraints apply to custom fields:

• Names for custom fields must begin with a letter. Subsequent characters can be letters, numbers, or underscores. Spaces are not allowed.

• The character limit for new custom field names is 28 characters. This is to avoid errors when custom fields are populated to the report mart.

• A best practice is to prefix the custom field name with x_. When creating custom fields for the LinkInstance business object, for example, you should prefix the field name with x_link_ to prevent ambiguity with custom fields that have been created for other business objects.

The following files were updated as part of the this hot fix to address reported errors but are not directly copied to the <SASCONFIGDIR> in case there have been customizations performed to the files.

1. Backup any files that you have customized before copying the new versions of the files. After copying the new versions of the files, merge back in your customizations.

2. Copy the files listed below from

   <SASHOME>/SASFoundation/9.2

   misc/ormonitormva/sample/config/load_custom_field_defs.sas
   misc/ormonitormva/sample/config/load_named_list_mappings.sas
   misc/ormonitormva/sample/config/load_named_lists.sas
   misc/ormonitormva/sample/config/named_list_options.properties
   

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/sample/config

3. Copy

   <SASHOME>/SASFoundation/9.2

   misc/ormonitormva/sample/properties/customMessages.properties

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/sample/properties

4. Copy

   <SASHOME>/SASFoundation/9.2

   misc/ormonitormva/control/parent_managed_relationships.txt
   misc/ormonitormva/control/recovery_totals.txt
   misc/ormonitormva/control/kri_display_limit.txt

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/control

5. Copy the files below from

   <SASHOME>/SASFoundation/9.2

   ucmacros/ormonitormva/orm_create_control_files.sas
   ucmacros/ormonitormva/orm_loss_data_creator.sas
   ucmacros/ormonitormva/orm_export_to_var.sas
   ucmacros/ormonitormva/orm_pivot_datatype.sas
   ucmacros/ormonitormva/orm_pivot_driver.sas
   ucmacros/ormonitormva/orm_policy_data_creator.sas
   ucmacros/ormonitormva/orm_permissions_filter.sas
   

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/ucmacros

6. Only if you have performed the "New KRI functionality" update steps should the following files be copied from their locations to the <SASCONFIGDIR> location:

   Copy

   <SASHOME>/SASFoundation/9.2/ucmacros/ormonitormva/orm_kri_data_creator.sas

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/ucmacros

   Copy

   <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/key_risk_indicators.sas.orig
   <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/key_risk_indicators_custom.sas.orig
   <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/orm_job_user_synch.sas.orig
   

   to

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp

   Once the .orig files above has been moved, replace the @ORMONITOR_SASSTP_PATH@ token with the proper value for your install and remove the ‘.orig’ extension from the filename. When you remove the '.orig' extension, you will be replacing an exsiting file. Make a backup copy of the existing file first.
   

   Edit the orm_job_user_synch.sas file and replace the '@ormonconfig.user.group.name@' token with 'Enterprise GRC Users'.

   Verify that all Enterprise GRC users have READ, WRITE and EXECUTE permissions on the following folder:

   <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Libraries/opcntl

7. Rebuild the report mart by executing <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp/orm_job_create_all_full_load.sas.

8. Rename the original Key Risk Indicators report and register the custom Key Risk Indicator Report in SAS Management Console (SMC).

   1. Login to SMC.
   2. Click on the "Folders" tab.
   3. Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
   4. Click on the "EnterpriseGRC" folder.
   5. Right click on the 'Key Risk Indicators' stored process displayed on the right hand panel and select "Copy" from the displayed drop down.
   6. Paste the report metadata in the same folder by right clicking on the "EnterpriseGRC" folder on the left hand panel and clicking 'Paste'.
   7. There should now be two reports in this folder with "Key Risk Indicators" in the name: i) Key Risk Indicators ii) Copy of Key Risk Indicators
   8. Right click on the 'Key Risk Indicators' report in order to change the properties on this report to disable it so, users will not see this report in the EGRC Reports tab.
   9. Click 'Properties', modify the "Name" to "Key Risk Indicators - Orig" and in the "Keywords" section of the displayable popup click on the "com.sas.oprisk.monitor.stp" keyword.
   10. Click the "Delete" button.
   11. Click "Yes" in the Confirm Delete window.
   12. Click "Ok" at the bottom of the window.
   13. Now, you have renamed the old KRI report and removed the report from the Reports tab. Next, we'll update the metadata for the new report.
   14. Right click on the 'Copy of Key Risk Indicators' report and select 'Properties' in order to change the properties on this report.
   15. Change the "Name" to "Key Risk Indicators" on the General tab.

       NOTE: The 'com.sas.oprisk.monitor.view.kri' may not be listed as a keyword since this keyword may have been removed during a previous hot fix install. If it is not present, skip Items P, Q and R below and proceed to item S.

   16. In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
   17. Click the "Delete" button.
   18. Click "Yes" in the Confirm Delete window.
   19. Click on the 'Execution' tab, change the source file name to "key_risk_indicators_custom.sas" and check the box next to "Package" in the "Result Capabilities" section at the bottom of this tab.
   20. Click 'OK' at the bottom of the window.
   21. Exist SMC.

9. Once all post-installation steps have been completed, restart the application server, and flush your browser caches of temporary internet files.

H86003 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3

NONE

This completes the installation of hot fix D17025 on HP-UX IPF.