Hot fix D17033 addresses the issue(s) in SAS Enterprise GRC 4.3 on Windows for x64 as documented
in the Issue(s) Addressed section of the hot fix download page:
http://ftp.sas.com/techsup/download/hotfix/HF2/D17.html#D17033
D17033 is a "container" hot fix that contains the following "member" hot fixes which will update the software components
as indicated. See the Container Hot Fixes section in the
Maintenance Install Tool (MIT) Usage Guide
for more information about container hot fixes.
D14033 for SAS Enterprise GRC Administrative Tools 4.3
D15039 for SAS Enterprise GRC Mid-Tier 4.3
H86001 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3
an exception occurred processing JSP page /tiles/CSA/assessment/ratingsSummary/ratingsSummaryEditor.jspthen follow SAS Note 50525 for resolution.
If the updated components of this product are installed on multiple operating systems, you must download the hot fix for the appropriate operating system(s) and follow the installation instructions provided to complete the deployment of this hot fix.
The installer downloaded is D17033x6.exe.
When downloading SAS 9.2 hot fix packages, you must choose to Save the hot fix to disk, then execute the install from the saved location. Attempting to install a hot fix directly from the download page results in the error documented in SAS Note 37104.
Note: If your Windows operating system is Windows Vista, Windows 7 or Windows Server 2008, it may be necessary to "right-click" D17033x6.exe and select "Run as administrator".
See the Maintenance Install Tool (MIT) Usage Guide for more details on the installation of hot fixes.
The content of this hot fix is listed in the hot fix manifest.
This completes the installation of D17033. You must perform any "Post-Installation Instructions" documented below
to successfully complete the deployment of this hot fix.
For each product installed, click the link to be redirected to
post-installation instructions.
D14033 for SAS Enterprise GRC Administrative Tools 4.3
D15039 for SAS Enterprise GRC Mid-Tier 4.3
H86001 for SAS Enterprise GRC Mid-Tier Help and Documentation 4.3
D16011 for SAS Enterprise GRC Server 4.3
D15039 for SAS Enterprise
GRC Mid-Tier 4.3
Filter Attachments
As part of this hot fix, we added capabilities to filter the type of attachments allowed in the system. Please follow SAS Note 49870 for details.
Apply Web Application Overrides to SAS Enterprise GRC
As part of this hot fix, we added validation for x_target field to be numeric to the kriDefinitionWizardForm section of validation.xml.
As part of earlier hot fix
Please update your validation.xml in <SAS_CONFIG>\Web\Applications\SASEnterpriseGRCMidTier4.3\overrides\war\sas.oprisk.monitor\WEB-INF with the changes in following directory:
- we added validation for x_target field to be numeric to the IndicatorWizardForm section of validation.xml.
- we added validation for the custom field specified in "monitor.qba.sort.customfield.name" config option to be required in assessmentWizardForm section of validation.xml.
<SASHOME>\SASOpRiskMonitorMidTier\4.1\Static\wars\sas.oprisk.monitor\WEB-INF
Re-build and Re-deploy Web Application
This hot fix requires that the WebApp be rebuilt and redeployed. Use the following steps to perform this post-installation task:
Step 1: Re-build Web ApplicationNotesIn order for this step to execute correctly, the Metadata Server must be running.
1.1 Invoke the SAS Deployment Manager 9.2
From the SASDeploymentManager directory launch config.exe.
SAS Deployment Manager is installed in the following default location:<SASHOME>\SASDeploymentManager\9.21.2 Select a language in the Choose Language box
1.3 Select Rebuild Web Applications
1.4 Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
1.5 Specify Connection Information, including the sasadm User ID and Password
1.6 Select Enterprise GRC MidTier 4.3 as the Web Application to Rebuild
1.7 Verify the information on the Summary screen and select Start
1.8 Select Finish when the deployment is complete
This process will update the Enterprise GRC MidTier 4.3 ear in <SASCONFIGDIR>\Web\Staging.
A backup of the original ear file will be placed in the directory below:
<SASCONFIGDIR>\Web\Staging\Backup
Step 2: Re-deploy Web ApplicationsRe-deploy the web applications based on the instructions for the web application server you are using.
Step 3: Clear the AppServer cache.
For details, contact your administrator.
A fix has been added to display the ID of the assessable along with the name in the error message which shows up during sign-off when an assessable is not rated.
To see that change user needs to override the error message in customMessages.properties and pass in the additional placeholder for the id as follows:Originally the error messages are as follows:
#{0}Summary object display name {1} summary object name answerSheet.assessableIncompleteForSignOff.fmt.txt=Ratings and/or justifications must be filled out for the following object before sign-off can occur: {0} "{1}" #{0}ControlInstance name {1} RiskInstance name answerSheet.controlIncompleteForSignOff.fmt.txt=Ratings and/or justifications must be filled out for control "{0}" (mapped to risk "{1}") before sign-off can occur.To override the above messages, add these lines in customMessages.properties:#{0}Summary object display name {1} summary object name {2}summary object ID answerSheet.assessableIncompleteForSignOff.fmt.txt=Ratings and/or justifications must be filled out for the following object before sign-off can occur: {0} "{1}" - id: "{2}" #{0}ControlInstance name {1} RiskInstance name {2}ControlInstance ID {3}RiskInstance ID answerSheet.controlIncompleteForSignOff.fmt.txt=Ratings and/or justifications must be filled out for control "{0}" - id: "{2}" (mapped to risk "{1}" - id: "{3}") before sign-off can occur.
Two new parameters as follows are now available to be used to control if user can see the close or delete actions for these components.
CPB components:RiskRatingsSummaryTableNew parameters are:
ControlRatingsSummaryTableshowCloseActionThe default value for these 2 parameters is "true" i.e. the close and delete actions will show. If users don't want to show the close and delete actions, then pass these parameters as "false".
showDeleteActionExample: In RatingsSummary.xml
<field name="TEMP.populatedRisks" type="component"
component-name="RiskRatingsSummaryTable"
..........
<param name="showCloseAction" value="false" />
<param name="showDeleteAction" value="false" />
...........
</field>
With this hot fix, if the config option is set to monitor.validation.return.returnToOriginator=false, and the Kri Observation validator returns an observation, then it will go to the preceding stage instead of to the originator. However, the message shown during this observation return will still be something like :
Observation for "KRI name" returned to originator.
If user wants to set a different message for this case, then they need to set the key "KriObservationEditor.returnToPrecedingStage.fmt.txt" in customMessages.properties.
For example:
KriObservationEditor.returnToPrecedingStage.fmt.txt=Observation returned to preceding stageIf the above key is set, then it will display that message when returning observation. Otherwise, it will show the original message of observation returned to originator.
As part of the new feature for allowing multiple recommendations during Accept / Responsd phase of Assessment:
<SASHOME>\SASOpRiskMonitorMidTier\4.1\Config\Deployment\Content\Preload\Config
monitor.risk.allowMultipleRecommendations=falseNote: setting the above values i.e “monitor.risk.allowMultipleRecommendations=false” and “monitor.risk.businessOwnerRecommendation.required=true” will keep the out-of-box behavior as in the past, i.e., Business Owner can select only one recommendation or add only one recommendation during accept / respond phase of assessment.
monitor.risk.businessOwnerRecommendation.required=true
Changes in RiskInstance.xml:
Use the new SelectedRecommendationTableComponent by changing this line:New configuration options:From: <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTable" required="true">To: <field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent" required="true">Make selected recommendation optional based on config option "monitor.risk.businessOwnerRecommendation.required", ie:
Remove the required flag from the SelectedRecommendationTableComponent as in this line:<field name="TEMP.selectedRecommendations" type="component" component-name="SelectedRecommendationTableComponent">Add the line to require selectedRecommendation based on config option in the populatedAssessable.riskResponseTypeCd field as follows:<field name="populatedAssessable.riskResponseTypeCd" type="dropdown" required="true">
<label><message key="populatedAssessable.field.riskResponseTypeCd.displayName.txt" /<>/label>
<on-change>
<set-visible name="populatedAssessable.acceptanceExpiryDt" test="populatedAssessable.riskResponseTypeCd = 'ACC'" />
<set-visible name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'" />
<set-required name="TEMP.selectedRecommendations" test="populatedAssessable.riskResponseTypeCd = 'MIT'
and getConfigValue('monitor.risk.businessOwnerRecommendation.required') = 'true'"/>
</on-change>
</field>
- There are changes made to RiskRecommendation screen definition to allow users to flag which recommendation is *selected* out of the multiple recommendations (when monitor.risk.allowMultipleRecommendations=true). Please merge the changes from:
In RiskRecommendation.xml
In the initialize block, added:<if test="assessment.assessmentStageCd = 'ARD'">At the end of the screen, added a field for selectedFlg:
<set name="selectedFlg" value="true" />
</if>
<if test="assessment.assessmentStageCd = 'ASE'">
<set name="selectedFlg" value="false" />
</if><field name="selectedFlg" type="boolean" visible="false" >
<label><message key="recommendation.useToCreateIAP" /></label>
</field>
- Add the new customization file “RiskInstanceTableRecommendationEntryCustomizations.xml” that is added for the Selected Recommendation table to your content server from:
<SASHOME>\SASOpRiskMonitorMidTier\4.1\Config\Deployment\Content\Preload\Config\Customizations\ RiskInstanceTableRecommendationEntryCustomizations.xml
- Add the following new message in customMessages.properties:
recommendation.useToCreateIAP=Use this Recommendation to Create Issue and Action Plans
- These are some optional Customizations information that user can use for certain optional behaviors:
- If user wants to have an option to mark one of the recommendations created by Business owner as selected, then they can add the following update to RiskRecommendation.xml screen definition: Change the "selectedFlg" field
from:
<field name="selectedFlg" type="boolean" visible="false" >
<label><message key="recommendation.useToCreateIAP" /></label>
</field>
to:
<field name="selectedFlg" type="boolean" visible="assessment.assessmentStageCd = 'ARD'" >
<label><message key="recommendation.useToCreateIAP" /></label>
</field>and remove this from initialize block:
<if test="assessment.assessmentStageCd = 'ARD'">
<set name="selectedFlg" value="true" />
</if>
<if test="assessment.assessmentStageCd = 'ASE'">
<set name="selectedFlg" value="false" />
</if>
- If user wants to restrict to one selected recommendation, then they can add a validation in RiskInstance.xml screen definition similar to this:
<if test="assessment.assessmentStageCd = 'ARD' and populatedAssessable.riskResponseTypeCd = 'MIT' and (getConfigValue('monitor.risk.businessOwnerRecommendation.required') EQ 'true')">And add the custom message in customMessages.properties:
<validation test="(size(filterRecommendations(populatedAssessable.recommendations, true, false, ratingsSummary.frozenDttm))) EQ 1">
<errmsg><message key="one.recommendation.needed" /></errmsg>
</validation>
</if>one.recommendation.needed= Only one Recommendation must be selected by the business owner during Accept/Respond phase
monitor.nameTxt.maxLength
monitor.descTxt.maxLength
monitor.helpTxt.maxLength
For example, if user sets:
monitor.nameTxt.maxLength=100then it will give error during data load for KriTemplates and Kris if the name text has more than 100 chars and if description text and help texts have more than 1000 chars.
monitor.descTxt.maxLength=1000
monitor.helpTxt.maxLength=1000
monitor.change.reason.required
monitor.change.reason.key.default
If monitor.change.reason.required is set to false, GRC will not prompt for change reason. It will use default change reasons that are predefined in GRC or Workflow, and if none available, use the key value of monitor.change.reason.key.default found in customMessages.properties
For example,monitor.recovery.totalsUseBookedAmounts
monitor.change.reason.key.default=com.sas.egrc.sample.defaultChangeReasonin customMessages.properties
com.sas.egrc.sample.defaultChangeReason=This is my sample default change reasonBy default, monitor.change.reason.required is set to true.
This option will limit recovery totals to use booked amounts, similar to financial effects. The default is set to false.
- Set to 'true' to use only booked statuses in recovery totals
- Set to 'false' to include all recovery statuses in recovery totals
If the option is reset, the application server hosting GRC will need to be restarted.
monitor.nonRevalidationFields.issue.enabled
When this option is set to false, all changes in Issue would not cause revalidation.By default, or if not specified, this option is set to true.
monitor.nonRevalidationFields.actionPlan.enabled
When this option is set to false, all changes in Action Plan would not cause revalidation.By default, or if not specified, this option is set to true.
monitor.validation.nearMissEvent.estimatedAmount
When the monitor.validation.nearMissEvent.estimatedAmount is set to true, all "near miss" incidents validation stage calculation will based on Estimated Amount of the Incident. Other Incidents will continue to calculate based on total financial amounts.By default, or if not specified, this option is set to false.
monitor.qba.sort.customfield.name
This config option specifies the custom field name to store user's selection for sort order in Questionnaire Based Assessment (QBA). In this fix we provided changes in SAS code to add a custom field named "x_assessment_sort_order" for Assessment, but user can specify to another custom field with different name if needed. This custom field has to be mapped to the new named list "x_assessment_sort_order_option". If "x_assessment_sort_order" is not a custom field of Assessment, or whatever the custom field name specified by this config option does not exist, QBA will behave the same as before this fix.monitor.custfield.sort.riskEventTypes
When this option is set to false, sorting of custom fields for Risk Event Types tables are disabled, which would improve UI performance in adding Risk Event Types to Questionnaire Templates in certain scenarios.By default, or if not specified, this option is set to true.
monitor.custfield.sort.controlTypes
When this option is set to false, sorting of custom fields for Control Types tables are disabled, which would improve UI performance in adding Control Types to Questionnaire Templates in certain scenarios.By default, or if not specified, this option is set to true.
If any of the options are reset, the application server hosting GRC will need to be restarted.
New KRI Functionality: NOTE: If you have completed these steps as part of
a previous hot fix application, the steps below can be skipped:
This
hot fix introduces new KRI functionality. To enable the added KRI scale type
functionality, Scale Type (4), you must add the following custom fields, named
lists, and named list mappings to your system, and remove references to the
‘com.sas.oprisk.monitor.view.kri’ keyword in SAS Management Console.
First, execute the program <SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\sasstp\orm_job_autoexec.sas
Custom Fields
Business Object Type Name |
Custom Field Name |
Custom Field Type |
Description |
kri |
x_target |
NUM |
Enables KRI’s to display and store the target value
associated with them. |
kriTemplate |
x_target |
NUM |
Enables KRI Definitions to display and store the
target value associated with them. |
kri |
x_targeted |
OPS |
Allows saving of new options for KRI scale
interpretations when Scale Type of “Scale (4)” is selected. The new
options are “Improving Moving toward the center of the scale” and
“Improving moving away from the center of the
scale”. |
kriTemplate |
x_targeted |
OPS |
Allows saving of new options for KRI definition scale
interpretations when Scale Type of “Scale (4)” is selected. The new
options are “Improving Moving toward the center of the scale” and
“Improving moving away from the center of the
scale”. |
kriObservation |
x_normalized_score |
NUM |
Provides the ability for an observation's normalized
score to be passed to the operand of ‘X_NORMALIZED_SCORE’ in KRI notification
workflows. |
/* Kri Template and Indicator */Named Lists
%orm_insert('kri', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
%orm_insert('kriTemplate', 'x_target', 'NUM', null, 'Target Value for a targeted KRI.');
%orm_insert('kri', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
%orm_insert('kriTemplate', 'x_targeted', 'OPS', 400, 'Determines if the Scale is targeted toward the center or outer bounds.');
%orm_insert('kriObservation', 'x_normalized_score', 'NUM', null, 'Calculated Score Normalization.');
Named List |
Named List Value |
Named List Value Row Number |
Description |
x_targeted_template |
biggerBetter |
1 |
As values increase, the indicator is
improving. |
x_targeted_template |
smallerBetter |
2 |
As values decrease, the indicator is
improving. |
x_targeted_template |
targetedOutter |
3 |
As values move away from the target from either
direction, the indicator is improving. |
x_targeted_template |
targetedCenter |
4 |
As values move toward the target from either
direction, the indicator is improving. |
x_targeted_kri |
biggerBetter |
1 |
As values increase, the indicator is
improving. |
x_targeted_kri |
smallerBetter |
2 |
As values decrease, the indicator is
improving. |
x_targeted_kri |
targetedOutter |
3 |
As values move away from the target from either
direction, the indicator is improving. |
x_targeted_kri |
targetedCenter |
4 |
As values move toward the target from either
direction, the indicator is improving. |
/* Kri Template and Indicator */
%orm_insert('x_targeted_template',
'biggerBetter', 1);
%orm_insert('x_targeted_template', 'smallerBetter',
2);
%orm_insert('x_targeted_template', 'targetedOutter', 3);
%orm_insert('x_targeted_template', 'targetedCenter', 4);
%orm_insert('x_targeted_kri', 'biggerBetter', 1);
%orm_insert('x_targeted_kri', 'smallerBetter', 2);
%orm_insert('x_targeted_kri', 'targetedOutter', 3);
%orm_insert('x_targeted_kri', 'targetedCenter', 4);
Named List Mappings
Business Object Type Name |
Custom Field Name |
Named List |
kri |
x_targeted |
x_targeted_kri |
kriTemplate |
x_targeted |
x_targeted_template |
Add the following lines to <SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\sasmisc\sample\config\load_named_list_mappings.sas (after "proc sql noprint" and before "quit;") and execute it:
/* Load named list mappings */Updating KRI Report Keyword in SAS Management Console (SMC)
%orm_insert('kri', 'x_targeted', 'x_targeted_kri');
%orm_insert('kriTemplate', 'x_targeted', 'x_targeted_template');
To enable the updated report display of new Scale Types for KRI’s, references to the keyword ‘com.sas.oprisk.monitor.view.kri’ must be removed. These steps will detail removing from the default location in SMC, if you have customized your system to include the report in alternate locations you will need to address those as well.
- Login to SMC.
- Click on the "Folders" tab.
- Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
- Click on the "EnterpriseGRC" folder.
- Right click on the "Key Risk Indicators" displayed on the right hand panel and select "Properties" from the displayed drop down.
- In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
- Click the "Delete" button.
- Click "Yes" in the Confirm Delete window.
- Click "Ok" at the bottom of the window.
- Exit SMC
D14033 for SAS Enterprise
GRC Administrative Tools 4.3
<SASHome>\SASOpRiskMonitorAdministrativeTools\4.1\dbscripts\data\screenDefs\EffectAmount.xmlFor example, in EffectAmount.xml, we added this block of code to validate Financial Effect Amount’s "Date of Booking" field:
<SASHome>\SASOpRiskMonitorAdministrativeTools\4.1\dbscripts\data\screenDefs\DirectRecoveryAmount.xml
<SASHome>\SASOpRiskMonitorAdministrativeTools\4.1\dbscripts\data\screenDefs\InsuranceRecoveryAmount.xml
<finalize>The new function "dateOnOrAfterEventDiscoveryDate" will validate if the Financial Effect Amount’s "Date of Booking" is on or after its corresponding Event’s Discovery Date.
<validation test="dateOnOrAfterEventDiscoveryDate(financialEffect.businessObject)">
<errmsg><message key="impactDetailFormEx.error.lossDateBeforeEventDiscoveryDate.txt" /></errmsg>
</validation>
</finalize>
Copy
<SASHOME>\SASOpRiskMonitorAdministrativeToosl\4.1\picklistto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCAdminTools\4.3\dbscripts\picklist
D16011 for SAS Enterprise
GRC Server 4.3
Notes
A fix has been added to improve the performance of the ETL job responsible for adding custom fields to the opdetail and opreport marts. In order to improve performance, a majority of the data processing is now being done in database. Once the data has been fully prepped, it is then pulled back into SAS datasets. In order to get the much needed performance improvements, we have had to reduce the custom field names from supporting 30 characters to 28 characters. If you have existing custom fields that are using all 30 characters, please update those custom fields to reduce them to 28 characters before applying this hot fix and running the next ETL job. The best practices for naming custom fields is listed below as a reminder.
Naming Conventions and Examples for Creating Custom FieldsIt is recommended that you use a standard naming convention for any custom field that you create. The following constraints apply to custom fields:
• Names for custom fields must begin with a letter. Subsequent characters can be letters, numbers, or underscores. Spaces are not allowed.
• The character limit for new custom field names is 28 characters. This is to avoid errors when custom fields are populated to the report mart.
• A best practice is to prefix the custom field name with x_. When creating custom fields for the LinkInstance business object, for example, you should prefix the field name with x_link_ to prevent ambiguity with custom fields that have been created for other business objects.
The following files were updated as
part of the this hot fix to address reported errors but are not directly copied
to the <SASCONFIGDIR> in case there have been customizations performed to
the files.
<SASHOME>\SASFoundation\9.2ormonitormva\sasmisc\sample\config\load_custom_field_defs.sas
ormonitormva\sasmisc\sample\config\load_named_list_mappings.sas
ormonitormva\sasmisc\sample\config\load_named_lists.sas
ormonitormva\sasmisc\sample\config\named_list_options.propertiesto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\misc\sample\config
<SASHOME>\SASFoundation\9.2ormonitormva\sasmisc\sample\properties\customMessages.propertiesto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\misc\sample\properties
<SASHOME>\SASFoundation\9.2ormonitormva\sasmisc\control\parent_managed_relationships.txt
ormonitormva\sasmisc\control\recovery_totals.txt
ormonitormva\sasmisc\control\kri_display_limit.txtto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\misc\control
<SASHOME>\SASFoundation\9.2ormonitormva\ucmacros\orm_create_control_files.sas
ormonitormva\ucmacros\orm_loss_data_creator.sas
ormonitormva\ucmacros\orm_export_to_var.sas
ormonitormva\ucmacros\orm_pivot_datatype.sas
ormonitormva\ucmacros\orm_pivot_driver.sas
ormonitormva\ucmacros\orm_policy_data_creator.sas
ormonitormva\ucmacros\orm_permissions_filter.sasto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\ucmacros
Copy
<SASHOME>\SASFoundation\9.2\ormonitormva\ucmacros\orm_kri_data_creator.sasto
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\ucmacrosCopy
<SASHOME>\SASFoundation\9.2\ormonitormva\sasstp\key_risk_indicators.sas.orig
<SASHOME>\SASFoundation\9.2\ormonitormva\sasstp\key_risk_indicators_custom.sas.orig
<SASHOME>\SASFoundation\9.2\ormonitormva\sasstp\orm_job_user_synch.sas.orig
to
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Source\sasstpOnce the .orig files above has been moved, replace the @ORMONITOR_SASSTP_PATH@ token with the proper value for your install and remove the ‘.orig’ extension from the filename. When you remove the '.orig' extension, you will be replacing an exsiting file. Make a backup copy of the existing file first.
Edit the orm_job_user_synch.sas file and replace the '@ormonconfig.user.group.name@' token with 'Enterprise GRC Users'.
Verify that all Enterprise GRC users have READ, WRITE and EXECUTE permissions on the following folder:
<SASCONFIGDIR>\Applications\SASEnterpriseGRCServerCfg\4.3\Libraries\opcntl
- Login to SMC.
- Click on the "Folders" tab.
- Expand the following folder path "System -> Applications -> SAS Enterprise GRC Server -> Enterprise GRC Server 4.3"
- Click on the "EnterpriseGRC" folder.
- Right click on the 'Key Risk Indicators' stored process displayed on the right hand panel and select "Copy" from the displayed drop down.
- Paste the report metadata in the same folder by right clicking on the "EnterpriseGRC" folder on the left hand panel and clicking 'Paste'.
- There should now be two reports in this folder with "Key Risk Indicators" in the name: i) Key Risk Indicators ii) Copy of Key Risk Indicators
- Right click on the 'Key Risk Indicators' report in order to change the properties on this report to disable it so, users will not see this report in the EGRC Reports tab.
- Click 'Properties', modify the "Name" to "Key Risk Indicators - Orig" and in the "Keywords" section of the displayable popup click on the "com.sas.oprisk.monitor.stp" keyword.
- Click the "Delete" button.
- Click "Yes" in the Confirm Delete window.
- Click "Ok" at the bottom of the window.
- Now, you have renamed the old KRI report and removed the report from the Reports tab. Next, we'll update the metadata for the new report.
- Right click on the 'Copy of Key Risk Indicators' report and select 'Properties' in order to change the properties on this report.
- Change the "Name" to "Key Risk Indicators" on the General tab.
NOTE: The 'com.sas.oprisk.monitor.view.kri' may not be listed as a keyword since this keyword may have been removed during a previous hot fix install. If it is not present, skip Items P, Q and R below and proceed to item S.- In the "Keywords:" section of the displayed popup click on ‘com.sas.oprisk.monitor.view.kri’.
- Click the "Delete" button.
- Click "Yes" in the Confirm Delete window.
- Click on the 'Execution' tab, change the source file name to "key_risk_indicators_custom.sas" and check the box next to "Package" in the "Result Capabilities" section at the bottom of this tab.
- Click 'OK' at the bottom of the window.
- Exist SMC.
H86001 for SAS Enterprise
GRC Mid-Tier Help and Documentation 4.3
NONE
This completes the installation of hot fix D17033 on Windows for x64.