Installation Instructions for Hot Fix D17033

64-bit Enabled AIX


Hot fix D17033 addresses the issue(s) in SAS Enterprise GRC 4.3 on 64-bit Enabled AIX as documented in the Issue(s) Addressed section of the hot fix download page:

http://ftp.sas.com/techsup/download/hotfix/HF2/D17.html#D17033


D17033 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as indicated. See the Container Hot Fixes section in the Maintenance Install Tool (MIT) Usage Guide for more information about container hot fixes.

D14033 for SAS Enterprise GRC Administrative Tools 4.3
D15039 for SAS Enterprise GRC Mid-Tier 4.3
H86001 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3

Before applying this hot fix, follow the instructions in SAS Note 35968 to generate a SAS Deployment Registry report, then verify that the appropriate product releases are installed on your system. The software components and release numbers should match the list of software components updated by the individual hot fix installers.


IMPORTANT NOTES

  1. Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

  2. You must have Administrator Privileges on your CLIENT or SERVER machine.

  3. All currently active SAS sessions, daemons, spawners and servers must be terminated before applying this hot fix.

  4. This hot fix should be installed using the same userid who performed the initial software installation.

  5. After installing the hot fix if you get an exception like this when using SAS Enterprise GRC 4.3:
    an exception occurred processing JSP page /tiles/CSA/assessment/ratingsSummary/ratingsSummaryEditor.jsp
    then follow SAS Note 50525 for resolution.


INSTALLATION

This hot fix must be installed on each machine where the updated components of the product, listed above, are installed. The installation process will determine which components of SAS Enterprise GRC 4.3 are installed on each machine, and apply the appropriate updates.

If the updated components of this product are installed on multiple operating systems, you must download the hot fix for the appropriate operating system(s) and follow the installation instructions provided to complete the deployment of this hot fix.

The installer downloaded is D17033r6.bin.

When downloading SAS 9.2 hot fix packages, you must choose to Save the hot fix to disk, then execute the install from the saved location. Attempting to install a hot fix directly from the download page results in the error documented in SAS Note 37104.

To install the hot fix:

1. Verify that the installation binary has execute permission. If it does not, use the chmod command to make it executable.

$> chmod 755 D17033r6.bin
2. Set your $DISPLAY environment variable
export DISPLAY=<your_node_name>:0
3. Execute D17033r6.bin
<path_to_downloaded_file>/D17033r6.bin
    For example:
./D17033r6.bin

This will initiate the installation wizard, which will guide you through the hot fix installation process. During the installation you will be prompted for the SASHOME location to be updated. You should provide the path to the top level SAS directory where the deploymntreg directory exists.

See the Maintenance Install Tool (MIT) Usage Guide for more details on the installation of hot fixes.


The content of this hot fix is listed in the hot fix manifest.


This completes the installation of D17033. You must perform any "Post-Installation Instructions" documented below to successfully complete the deployment of this hot fix.


POST-INSTALLATION INSTRUCTIONS

For each product installed, click the link to be redirected to post-installation instructions.

D14033 for SAS Enterprise GRC Administrative Tools 4.3
D15039 for SAS Enterprise GRC Mid-Tier 4.3
H86001 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3


D15039 for SAS Enterprise GRC Mid-Tier 4.3

Filter Attachments

As part of this hot fix, we added capabilities to filter the type of attachments allowed in the system. Please follow SAS Note 49870 for details.

Apply Web Application Overrides to SAS Enterprise GRC

As part of this hot fix, we added validation for x_target field to be numeric to the kriDefinitionWizardForm section of validation.xml.

As part of earlier hot fix

  1. we added validation for x_target field to be numeric to the IndicatorWizardForm section of validation.xml.

  2. we added validation for the custom field specified in "monitor.qba.sort.customfield.name" config option to be required in assessmentWizardForm section of validation.xml.
Please update your validation.xml in <SAS_CONFIG>/Web/Applications/SASEnterpriseGRCMidTier4.3/overrides/war/sas.oprisk.monitor/WEB-INF with the changes in following directory:
<SASHOME>/SASOpRiskMonitorMidTier/4.1/Static/wars/sas.oprisk.monitor/WEB-INF


Re-build and Re-deploy Web Application

This hot fix requires that the WebApp be rebuilt and redeployed. Use the following steps to perform this post-installation task:

Step 1: Re-build Web Application

In order for this step to execute correctly, the Metadata Server must be running.

1.1 Invoke the SAS Deployment Manager 9.2

From the SASDeploymentManager directory launch config.exe.
SAS Deployment Manager is installed in the following default location:

<SASHOME>/SASDeploymentManager/9.2

1.2 Select a language in the Choose Language box

1.3 Select Rebuild Web Applications

1.4 Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated

1.5 Specify Connection Information, including the sasadm User ID and Password

1.6 Select Enterprise GRC MidTier 4.3 as the Web Application to Rebuild

1.7 Verify the information on the Summary screen and select Start

1.8 Select Finish when the deployment is complete

This process will update the Enterprise GRC MidTier 4.3 ear in <SASCONFIGDIR>/Web/Staging.
A backup of the original ear file will be placed in the directory below:

<SASCONFIGDIR>/Web/Staging/Backup

Step 2: Re-deploy Web Applications

Re-deploy the web applications based on the instructions for the web application server you are using.

Step 3: Clear the AppServer cache.

For details, contact your administrator.

Notes

Two new parameters as follows are now available to be used to control if user can see the close or delete actions for these components.

CPB components:
RiskRatingsSummaryTable
ControlRatingsSummaryTable
New parameters are:
showCloseAction
showDeleteAction
The default value for these 2 parameters is "true" i.e. the close and delete actions will show. If users don't want to show the close and delete actions, then pass these parameters as "false".

Example: In RatingsSummary.xml

<field name="TEMP.populatedRisks" type="component"
component-name="RiskRatingsSummaryTable"
..........
<param name="showCloseAction" value="false" />
<param name="showDeleteAction" value="false" />
...........
</field>

With this hot fix, if the config option is set to monitor.validation.return.returnToOriginator=false, and the Kri Observation validator returns an observation, then it will go to the preceding stage instead of to the originator. However, the message shown during this observation return will still be something like :

Observation for "KRI name" returned to originator.

If user wants to set a different message for this case, then they need to set the key "KriObservationEditor.returnToPrecedingStage.fmt.txt" in customMessages.properties.

For example:

KriObservationEditor.returnToPrecedingStage.fmt.txt=Observation returned to preceding stage
If the above key is set, then it will display that message when returning observation. Otherwise, it will show the original message of observation returned to originator.

As part of the new feature for allowing multiple recommendations during Accept / Responsd phase of Assessment:

  1. Two new config options are introduced. Please add them to your configdata.properties file.
    For reference, check this file in the location:
    <SASHOME>/SASOpRiskMonitorMidTier/4.1/Config/Deployment/Content/Preload/Config

    monitor.risk.allowMultipleRecommendations=false
    monitor.risk.businessOwnerRecommendation.required=true
    Note: setting the above values i.e “monitor.risk.allowMultipleRecommendations=false” and “monitor.risk.businessOwnerRecommendation.required=true” will keep the out-of-box behavior as in the past, i.e., Business Owner can select only one recommendation or add only one recommendation during accept / respond phase of assessment.

  2. There are changes made to the RiskInstance screen definition. Please merge and upload the screen definition with these updates.

    Changes in RiskInstance.xml:

    Use the new SelectedRecommendationTableComponent by changing this line:
    From:   <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTable" required="true">
    To:   <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent" required="true">

    Make selected recommendation optional based on config option "monitor.risk.businessOwnerRecommendation.required", ie:
    Remove the required flag from the SelectedRecommendationTableComponent as in this line:

    <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent">
    Add the line to require selectedRecommendation based on config option in the populatedAssessable.riskResponseTypeCd field as follows:
    <field name="populatedAssessable.riskResponseTypeCd" type="dropdown" required="true">
       <label><message key="populatedAssessable.field.riskResponseTypeCd.displayName.txt" /<>/label>
          <on-change>
             <set-visible name="populatedAssessable.acceptanceExpiryDt" test="populatedAssessable.riskResponseTypeCd = 'ACC'" />
             <set-visible name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'" />
             <set-required name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'
               and getConfigValue('monitor.risk.businessOwnerRecommendation.required') = 'true'"/>

          </on-change>
    </field>

  3. There are changes made to RiskRecommendation screen definition to allow users to flag which recommendation is *selected* out of the multiple recommendations (when monitor.risk.allowMultipleRecommendations=true). Please merge the changes from:
    In RiskRecommendation.xml
    In the initialize block, added:
    <if test="assessment.assessmentStageCd = 'ARD'">
    <set name="selectedFlg" value="true" />
    </if>
    <if test="assessment.assessmentStageCd = 'ASE'">
    <set name="selectedFlg" value="false" />
    </if>
    At the end of the screen, added a field for selectedFlg:
    <field name="selectedFlg" type="boolean" visible="false" >
    <label><message key="recommendation.useToCreateIAP" /></label>
    </field>

  4. Add the new customization file “RiskInstanceTableRecommendationEntryCustomizations.xml” that is added for the Selected Recommendation table to your content server from:
    <SASHOME>/SASOpRiskMonitorMidTier/4.1/Config/Deployment/Content/Preload/Config/Customizations/ RiskInstanceTableRecommendationEntryCustomizations.xml

  5. Add the following new message in customMessages.properties:
    recommendation.useToCreateIAP=Use this Recommendation to Create Issue and Action Plans

  6. These are some optional Customizations information that user can use for certain optional behaviors:
    1. If user wants to have an option to mark one of the recommendations created by Business owner as selected, then they can add the following update to RiskRecommendation.xml screen definition: Change the "selectedFlg" field
      from:
      <field name="selectedFlg" type="boolean" visible="false" >
      <label><message key="recommendation.useToCreateIAP" /></label>
      </field>
      to:
      <field name="selectedFlg" type="boolean" visible="assessment.assessmentStageCd = 'ARD'" >
      <label><message key="recommendation.useToCreateIAP" /></label>
      </field>

      and remove this from initialize block:

      <if test="assessment.assessmentStageCd = 'ARD'">
      <set name="selectedFlg" value="true" />
      </if>
      <if test="assessment.assessmentStageCd = 'ASE'">
      <set name="selectedFlg" value="false" />
      </if>

    2. If user wants to restrict to one selected recommendation, then they can add a validation in RiskInstance.xml screen definition similar to this:
      <if test="assessment.assessmentStageCd = 'ARD' and populatedAssessable.riskResponseTypeCd = 'MIT' and (getConfigValue('monitor.risk.businessOwnerRecommendation.required') EQ 'true')">
      <validation test="(size(filterRecommendations(populatedAssessable.recommendations, true, false, ratingsSummary.frozenDttm))) EQ 1">
      <errmsg><message key="one.recommendation.needed" /></errmsg>
      </validation>
      </if>
      And add the custom message in customMessages.properties:
      one.recommendation.needed= Only one Recommendation must be selected by the business owner during Accept/Respond phase
  7. New configuration options:

    This hot fix introduces new configuration options in the configdata.properties file:

    monitor.nameTxt.maxLength
    monitor.descTxt.maxLength
    monitor.helpTxt.maxLength

    For example, if user sets:

    monitor.nameTxt.maxLength=100
    monitor.descTxt.maxLength=1000
    monitor.helpTxt.maxLength=1000
    then it will give error during data load for KriTemplates and Kris if the name text has more than 100 chars and if description text and help texts have more than 1000 chars.

    monitor.change.reason.required
    monitor.change.reason.key.default

    If monitor.change.reason.required is set to false, GRC will not prompt for change reason. It will use default change reasons that are predefined in GRC or Workflow, and if none available, use the key value of monitor.change.reason.key.default found in customMessages.properties

    For example,

    monitor.change.reason.key.default=com.sas.egrc.sample.defaultChangeReason

    in customMessages.properties
    com.sas.egrc.sample.defaultChangeReason=This is my sample default change reason

    By default, monitor.change.reason.required is set to true.

    monitor.recovery.totalsUseBookedAmounts

    This option will limit recovery totals to use booked amounts, similar to financial effects. The default is set to false.

    - Set to 'true' to use only booked statuses in recovery totals
    - Set to 'false' to include all recovery statuses in recovery totals

    If the option is reset, the application server hosting GRC will need to be restarted.

    monitor.nonRevalidationFields.issue.enabled

    When this option is set to false, all changes in Issue would not cause revalidation.

    By default, or if not specified, this option is set to true.

    monitor.nonRevalidationFields.actionPlan.enabled

    When this option is set to false, all changes in Action Plan would not cause revalidation.

    By default, or if not specified, this option is set to true.

    monitor.validation.nearMissEvent.estimatedAmount

    When the monitor.validation.nearMissEvent.estimatedAmount is set to true, all "near miss" incidents validation stage calculation will based on Estimated Amount of the Incident. Other Incidents will continue to calculate based on total financial amounts.

    By default, or if not specified, this option is set to false.

    monitor.qba.sort.customfield.name

    This config option specifies the custom field name to store user's selection for sort order in Questionnaire Based Assessment (QBA). In this fix we provided changes in SAS code to add a custom field named "x_assessment_sort_order" for Assessment, but user can specify to another custom field with different name if needed. This custom field has to be mapped to the new named list "x_assessment_sort_order_option". If "x_assessment_sort_order" is not a custom field of Assessment, or whatever the custom field name specified by this config option does not exist, QBA will behave the same as before this fix.
    monitor.custfield.sort.riskEventTypes

    When this option is set to false, sorting of custom fields for Risk Event Types tables are disabled, which would improve UI performance in adding Risk Event Types to Questionnaire Templates in certain scenarios.

    By default, or if not specified, this option is set to true.

    monitor.custfield.sort.controlTypes

    When this option is set to false, sorting of custom fields for Control Types tables are disabled, which would improve UI performance in adding Control Types to Questionnaire Templates in certain scenarios.

    By default, or if not specified, this option is set to true.

    If any of the options are reset, the application server hosting GRC will need to be restarted.

    New KRI Functionality: NOTE: If you have completed these steps as part of a previous hot fix application, the steps below can be skipped:

    This hot fix introduces new KRI functionality. To enable the added KRI scale type functionality, Scale Type (4), you must add the following custom fields, named lists, and named list mappings to your system, and remove references to the ‘com.sas.oprisk.monitor.view.kri’ keyword in SAS Management Console.

    First, execute the program <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp/orm_job_autoexec.sas

    Custom Fields

     

    Business Object Type Name

    Custom Field Name

    Custom Field Type

    Description

    kri

    x_target

    NUM

    Enables KRI’s to display and store the target value associated with them.

    kriTemplate

    x_target

    NUM

    Enables KRI Definitions to display and store the target value associated with them.

    kri

    x_targeted

    OPS

    Allows saving of new options for KRI scale interpretations when Scale Type of “Scale (4)” is selected. The new options are “Improving Moving toward the center of the scale” and “Improving moving away from the center of the scale”.

    kriTemplate

    x_targeted

    OPS

    Allows saving of new options for KRI definition scale interpretations when Scale Type of “Scale (4)” is selected. The new options are “Improving Moving toward the center of the scale” and “Improving moving away from the center of the scale”.

    kriObservation

    x_normalized_score

    NUM

    Provides the ability for an observation's normalized score to be passed to the operand of ‘X_NORMALIZED_SCORE’ in KRI notification workflows.

     

    Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_custom_field_defs.sas (after "proc sql noprint;" and before "quit"), then execute the program:
    /* Kri Template and Indicator */
    %orm_insert('kri', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
    %orm_insert('kriTemplate', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
    %orm_insert('kri', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
    %orm_insert('kriTemplate', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
    %orm_insert('kriObservation', 'x_normalized_score', 'NUM', null, 'Calculated Score Normalization.');
    Named Lists

     

    Named List

    Named List Value

    Named List Value Row Number

    Description

    x_targeted_template

    biggerBetter

    1

    As values increase, the indicator is improving.

    x_targeted_template

    smallerBetter

    2

    As values decrease, the indicator is improving.

    x_targeted_template

    targetedOutter

    3

    As values move away from the target from either direction, the indicator is improving.

    x_targeted_template

    targetedCenter

    4

    As values move toward the target from either direction, the indicator is improving.

    x_targeted_kri

    biggerBetter

    1

    As values increase, the indicator is improving.

    x_targeted_kri

    smallerBetter

    2

    As values decrease, the indicator is improving.

    x_targeted_kri

    targetedOutter

    3

    As values move away from the target from either direction, the indicator is improving.

    x_targeted_kri

    targetedCenter

    4

    As values move toward the target from either direction, the indicator is improving.

     

     

    Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_named_lists.sas (after "%orm_load_translatable_options();" and before "%orm_post_load_processing();"), then execute the program:

    /* Kri Template and Indicator */
    %orm_insert('x_targeted_template', 'biggerBetter', 1);
    %orm_insert('x_targeted_template', 'smallerBetter', 2);
    %orm_insert('x_targeted_template', 'targetedOutter', 3);
    %orm_insert('x_targeted_template', 'targetedCenter', 4);

    %orm_insert('x_targeted_kri', 'biggerBetter', 1);
    %orm_insert('x_targeted_kri', 'smallerBetter', 2);
    %orm_insert('x_targeted_kri', 'targetedOutter', 3);
    %orm_insert('x_targeted_kri', 'targetedCenter', 4);

    Named List Mappings

     

    Business Object Type Name

    Custom Field Name

    Named List

    kri

    x_targeted

    x_targeted_kri

    kriTemplate

    x_targeted

    x_targeted_template

     

    Add the following lines to <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasmisc/sample/config/load_named_list_mappings.sas (after "proc sql noprint" and before "quit;") and execute it:

    /* Load named list mappings */

    %orm_insert('kri', 'x_targeted', 'x_targeted_kri');
    %orm_insert('kriTemplate', 'x_targeted', 'x_targeted_template');

    Updating KRI Report Keyword in SAS Management Console (SMC)

    To enable the updated report display of new Scale Types for KRI’s, references to the keyword ‘com.sas.oprisk.monitor.view.kri’ must be removed. These steps will detail removing from the default location in SMC, if you have customized your system to include the report in alternate locations you will need to address those as well.

    1. Login to SMC.
    2. Click on the "Folders" tab.
    3. Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
    4. Click on the "EnterpriseGRC" folder.
    5. Right click on the "Key Risk Indicators" displayed on the right hand panel and select "Properties" from the displayed drop down.
    6. In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
    7. Click the "Delete" button.
    8. Click "Yes" in the Confirm Delete window.
    9. Click "Ok" at the bottom of the window.
    10. Exit SMC


D14033 for SAS Enterprise GRC Administrative Tools 4.3

  1. As part of this hot fix, we moved the logic to validate Financial Effect Amount’s "Date of Booking", and Recovery’s "Accounting Date" to CPB. Please update your Screen Definitions for Financial Effect Amount, Direct Recovery Amount, and Insurance Recovery Amount with validation changes in following CPB XML files:
    <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/EffectAmount.xml
    <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/DirectRecoveryAmount.xml
    <SASHome>/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs/InsuranceRecoveryAmount.xml
    For example, in EffectAmount.xml, we added this block of code to validate Financial Effect Amount’s "Date of Booking" field:
    <finalize>
    <validation test="dateOnOrAfterEventDiscoveryDate(financialEffect.businessObject)">
    <errmsg><message key="impactDetailFormEx.error.lossDateBeforeEventDiscoveryDate.txt" /></errmsg>
    </validation>
    </finalize>
    The new function "dateOnOrAfterEventDiscoveryDate" will validate if the Financial Effect Amount’s "Date of Booking" is on or after its corresponding Event’s Discovery Date.


  2. This hot fix updates files used to customize the application's environment and functionality with new options. To use these new options, copy the picklist from the installed location to the configuration directory.

    Copy

    <SASHOME>/SASOpRiskMonitorAdministrativeToosl/4.1/picklist
    to
    <SASCONFIGDIR>/Applications/SASEnterpriseGRCAdminTools/4.3/dbscripts/picklist


D16011 for SAS Enterprise GRC Server 4.3

Notes

A fix has been added to improve the performance of the ETL job responsible for adding custom fields to the opdetail and opreport marts. In order to improve performance, a majority of the data processing is now being done in database. Once the data has been fully prepped, it is then pulled back into SAS datasets. In order to get the much needed performance improvements, we have had to reduce the custom field names from supporting 30 characters to 28 characters. If you have existing custom fields that are using all 30 characters, please update those custom fields to reduce them to 28 characters before applying this hot fix and running the next ETL job. The best practices for naming custom fields is listed below as a reminder.

Naming Conventions and Examples for Creating Custom Fields

It is recommended that you use a standard naming convention for any custom field that you create. The following constraints apply to custom fields:

• Names for custom fields must begin with a letter. Subsequent characters can be letters, numbers, or underscores. Spaces are not allowed.

• The character limit for new custom field names is 28 characters. This is to avoid errors when custom fields are populated to the report mart.

• A best practice is to prefix the custom field name with x_. When creating custom fields for the LinkInstance business object, for example, you should prefix the field name with x_link_ to prevent ambiguity with custom fields that have been created for other business objects.



The following files were updated as part of the this hot fix to address reported errors but are not directly copied to the <SASCONFIGDIR> in case there have been customizations performed to the files.

  1. Backup any files that you have customized before copying the new versions of the files. After copying the new versions of the files, merge back in your customizations.

  2. Copy the files listed below from
    <SASHOME>/SASFoundation/9.2
    misc/ormonitormva/sample/config/load_custom_field_defs.sas
    misc/ormonitormva/sample/config/load_named_list_mappings.sas
    misc/ormonitormva/sample/config/load_named_lists.sas
    misc/ormonitormva/sample/config/named_list_options.properties

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/sample/config

  3. Copy
    <SASHOME>/SASFoundation/9.2
    misc/ormonitormva/sample/properties/customMessages.properties

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/sample/properties

  4. Copy
    <SASHOME>/SASFoundation/9.2
    misc/ormonitormva/control/parent_managed_relationships.txt
    misc/ormonitormva/control/recovery_totals.txt
    misc/ormonitormva/control/kri_display_limit.txt

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/misc/control

  5. Copy the files below from
    <SASHOME>/SASFoundation/9.2
    ucmacros/ormonitormva/orm_create_control_files.sas
    ucmacros/ormonitormva/orm_loss_data_creator.sas
    ucmacros/ormonitormva/orm_export_to_var.sas
    ucmacros/ormonitormva/orm_pivot_datatype.sas
    ucmacros/ormonitormva/orm_pivot_driver.sas
    ucmacros/ormonitormva/orm_policy_data_creator.sas
    ucmacros/ormonitormva/orm_permissions_filter.sas

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/ucmacros

  6. Only if you have performed the "New KRI functionality" update steps should the following files be copied from their locations to the <SASCONFIGDIR> location:

    Copy

    <SASHOME>/SASFoundation/9.2/ucmacros/ormonitormva/orm_kri_data_creator.sas

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/ucmacros
    Copy
    <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/key_risk_indicators.sas.orig
    <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/key_risk_indicators_custom.sas.orig
    <SASHOME>/SASFoundation/9.2/sasstp/ormonitormva/orm_job_user_synch.sas.orig

    to

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp
    Once the .orig files above has been moved, replace the @ORMONITOR_SASSTP_PATH@ token with the proper value for your install and remove the ‘.orig’ extension from the filename. When you remove the '.orig' extension, you will be replacing an exsiting file. Make a backup copy of the existing file first.

    Edit the orm_job_user_synch.sas file and replace the '@ormonconfig.user.group.name@' token with 'Enterprise GRC Users'.

    Verify that all Enterprise GRC users have READ, WRITE and EXECUTE permissions on the following folder:

    <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Libraries/opcntl

  7. Rebuild the report mart by executing <SASCONFIGDIR>/Applications/SASEnterpriseGRCServerCfg/4.3/Source/sasstp/orm_job_create_all_full_load.sas.

  8. Rename the original Key Risk Indicators report and register the custom Key Risk Indicator Report in SAS Management Console (SMC).
    1. Login to SMC.
    2. Click on the "Folders" tab.
    3. Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
    4. Click on the "EnterpriseGRC" folder.
    5. Right click on the 'Key Risk Indicators' stored process displayed on the right hand panel and select "Copy" from the displayed drop down.
    6. Paste the report metadata in the same folder by right clicking on the "EnterpriseGRC" folder on the left hand panel and clicking 'Paste'.
    7. There should now be two reports in this folder with "Key Risk Indicators" in the name: i) Key Risk Indicators ii) Copy of Key Risk Indicators
    8. Right click on the 'Key Risk Indicators' report in order to change the properties on this report to disable it so, users will not see this report in the EGRC Reports tab.
    9. Click 'Properties', modify the "Name" to "Key Risk Indicators - Orig" and in the "Keywords" section of the displayable popup click on the "com.sas.oprisk.monitor.stp" keyword.
    10. Click the "Delete" button.
    11. Click "Yes" in the Confirm Delete window.
    12. Click "Ok" at the bottom of the window.
    13. Now, you have renamed the old KRI report and removed the report from the Reports tab. Next, we'll update the metadata for the new report.
    14. Right click on the 'Copy of Key Risk Indicators' report and select 'Properties' in order to change the properties on this report.
    15. Change the "Name" to "Key Risk Indicators" on the General tab.
      NOTE: The 'com.sas.oprisk.monitor.view.kri' may not be listed as a keyword since this keyword may have been removed during a previous hot fix install. If it is not present, skip Items P, Q and R below and proceed to item S.
    16. In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
    17. Click the "Delete" button.
    18. Click "Yes" in the Confirm Delete window.
    19. Click on the 'Execution' tab, change the source file name to "key_risk_indicators_custom.sas" and check the box next to "Package" in the "Result Capabilities" section at the bottom of this tab.
    20. Click 'OK' at the bottom of the window.
    21. Exist SMC.

  9. Once all post-installation steps have been completed, restart the application server, and flush your browser caches of temporary internet files.


H86001 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3

NONE


This completes the installation of hot fix D17033 on 64-bit Enabled AIX.