Installation Instructions for Hot Fix D41013

Linux for x64


Hot fix D41013 addresses the issue(s) in SAS Enterprise GRC 4.2 on Linux for x64 as documented in the Issue(s) Addressed section of the hot fix download page:

http://ftp.sas.com/techsup/download/hotfix/HF2/D41.html#D41013


D41013 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as indicated. See the Container Hot Fixes section in the Maintenance Install Tool (MIT) Usage Guide for more information about container hot fixes.

D39012 for SAS Enterprise GRC Administrative Tools 4.2
D40014 for SAS Enterprise GRC Mid-Tier 4.2
E19002 for SAS Enterprise GRC Server 4.2

Before applying this hot fix, follow the instructions in SAS Note 35968 to generate a SAS Deployment Registry report, then verify that the appropriate product releases are installed on your system. The software components and release numbers should match the list of software components updated by the individual hot fix installers.


IMPORTANT NOTES

  1. Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

  2. You must have Administrator Privileges on your CLIENT or SERVER machine.

  3. All currently active SAS sessions, daemons, spawners and servers must be terminated before applying this hot fix.

  4. This hot fix should be installed using the same userid who performed the initial software installation.


INSTALLATION

This hot fix must be installed on each machine where the updated components of the product, listed above, are installed. The installation process will determine which components of SAS Enterprise GRC 4.2 are installed on each machine, and apply the appropriate updates.

If the updated components of this product are installed on multiple operating systems, you must download the hot fix for the appropriate operating system(s) and follow the installation instructions provided to complete the deployment of this hot fix.

The installer downloaded is D41013la.bin. To install the hot fix:

1. Verify that the installation binary has execute permission. If it does not, use the chmod command to make it executable.

$> chmod 755 D41013la.bin
2. Set your $DISPLAY environment variable
export DISPLAY=<your_node_name>:0
3. Execute D41013la.bin
<path_to_downloaded_file>/D41013la.bin
    For example:
./D41013la.bin

This will initiate the installation wizard, which will guide you through the hot fix installation process. During the installation you will be prompted for the SASHOME location to be updated. You should provide the path to the top level SAS directory where the deploymntreg directory exists.

See the Maintenance Install Tool (MIT) Usage Guide for more details on the installation of hot fixes.

This completes the installation of D41013. You must perform any "Post-Installation Instructions" documented below to successfully complete the deployment of this hot fix.


POST-INSTALLATION INSTRUCTIONS

For each product installed, click the link to be redirected to post-installation instructions.

D39012 for SAS Enterprise GRC Administrative Tools 4.2
D40014 for SAS Enterprise GRC Mid-Tier 4.2
E19002 for SAS Enterprise GRC Server 4.2


D39012 for SAS Enterprise GRC Administrative Tools 4.2

Step 1: Restore Customizations

This hot fix installs updated versions of Assessment.xml and IncidentEvent.xml files in the following location:

!SASHOME/SASOpRiskMonitorAdministrativeTools/4.1/dbscripts/data/screenDefs
These updated versions can be used to help you apply new customizations to your current versions of these files.

Step 2: Update dbscripts picklist

Copy the following file:

<SASHOME>/SASOpRiskMonitorAdministrativeTools/4.2/dbscripts/picklist

to

<SASCONFIG>/Applications/SASOpRiskMonitorAdminTools/4.2/dbscripts


D40014 for SAS Enterprise GRC Mid-Tier 4.2

Changes in this hot fix require rebuilding and redeploying of the Mid-Tier:

Step 1: Re-build Web Application

In order for this step to execute correctly, the Metadata Server must be running.

1.1 Invoke the SAS Deployment Manager 9.2

From the SASDeploymentManager directory launch config.sh.
SAS Deployment Manager is installed in the following default location:

<SASHOME>/SASDeploymentManager/9.2

1.2 Select a language in the Choose Language box

1.3 Select Rebuild Web Applications

1.4 Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated

1.5 Specify Connection Information, including the sasadm User ID and Password

1.6 Select OpRisk Monitor MidTier 4.2 as the Web Application to Rebuild

1.7 Verify the information on the Summary screen and select Start

1.8 Select Finish when the deployment is complete

This process will update the OpRisk Monitor MidTier 4.2 ear in <SASCONFIGDIR>/Web/Staging.
A backup of the original ear file will be placed in the directory below:

<SASCONFIGDIR>/Web/Staging/Backup

Step 2: Re-deploy Web Applications

2.1 Re-deploy the web applications based on the instructions for the web application server you are using.

Notes: Notes:

-  With this fix, a new functionality is provided to order assessables in QBA. As part of that, a new config option "monitor.qba.sort.customfield.name"
   is added to the system.
The functions allow users to sort Questionnaires in Questionnaires Based Assessment by - default sort order, in which Questionnaires associated with Risks are answered first, then those associated with Controls; - Residual Risk Option, in which Questionnaires of each Controls and its associated Risks are answered first, before proceeding to the next Control; - Inherent Risk Option, in which Questionnaires of each Risk and its associated Controls are answered first, before proceeding to the next Risk; Users can control the sort order by adding an extra single value option (OPS) custom field to Assessment business object. By default the custom field is named "x_assessment_sort_order", but customers can rename the custom field of their choices, and specify the new custom field name in this config option. This custom field has to associated to a named list with 3 values: 'DEFAULT', 'CONTROLS_X_RISKS' and 'RISKS_X_CONTROLS'. For more information about how to create custom field and named list, please refer to "Configure Custom Fields and Named List" in SAS EGRC Admin Guide. Add a validation for the custom field x_assessment_sort_order to make it required in validation.xml as follows: <field property="customField(x_assessment_sort_order)" depends="required"> <msg name="required" key="errors.required.fmt.txt" /> <arg0 key="assessment.field.x_assessment_sort_order.displayName.txt" /> </field> Also please add following suggested entries in customMessages.properties. Please change the key name of the last entry appropriately if the new custom field for Assessment is not named "x_assessment_sort_order". AssessmentWizard.relatedInstances.txt=Related Items AssessmentWizard.relatedInstances.name.txt=Name AssessmentWizard.relatedInstances.type.txt=Type AssessmentWizard.relatedInstances.answered.questions.txt=Answered Questions AssessmentWizard.relatedInstances.unanswered.questions.txt=Unanswered Questions AssessmentWizard.relatedInstances.complete.txt=Complete assessment.field.x_assessment_sort_order.displayName.txt=Assessed Instance Sort Order User needs to rebuild and redeploy SAS Enterprise GRC Mid-Tier for the changes in validation.xml to take effect. If "x_assessment_sort_order" is not a custom field of Assessment, or whatever the custom field name specified by the config option does not exist, QBA will behave the same as before this defect.
- New config option "monitor.incident.allowSendForValidationOnlyWithInvestigateCapability" is added to the system.
When this option is set to "true", it's not allowed to send for validation when user does not have Investigate capability. By default this option is set to "false".
- New config option "monitor.incident.saveApplyForNoChangeEvent.changeReason.required" is added to the system.
when this config option is set to "false", there will be no change reason prompt when user clicks Save or Apply when there is no change to the Incident. By default this option is set to "true".
- New config option "monitor.incident.sendForValidationForNoChangeEvent.changeReason.required" is added to the system.
when this config option is set to "false", there will be no change reason prompt when user sends Incident for validation. By default this option is set to "true".
- As part of the new functionality for being able to add new risk after invalidating a previously validated assessment:
Update and upload the Assessment screen definition (Assessment.xml) with the following changes in two places. In the out of box Assessment.xml for the fields TEMP.prepopulatedControls and TEMP.prepopulatedRisks the readonly attribute must be changed from readonly="TEMP.planningReadOnly or TEMP.hasBeenStarted" to the following <field name="TEMP.prepopulatedRisks" type="component" component-name="PopulatedRiskTable" required="false" readonly="TEMP.planningReadOnly"> <field name="TEMP.prepopulatedControls" type="component" component-name="PopulatedControlTable" required="false" readonly="TEMP.planningReadOnly">
- A new component option is added to allow removal of assessable after invalidation:
There is a new component option "allowRemovaAfterValidation". User can set allowRemoveAfterValidate = true if they need to remove the assessables after invalidtaion. This option should work for the following components : PopulatedControlTable PopulatedImpactTable PopulatedRiskTable
- To address the issue of loading financial impacts took a long time when pointing to the same single event:
A new config option "monitor.lockIncident.financialImpactLoader" is added. This controls if user wants to enable incident locking during financial impact loading. Default value is "false" which means it won't lock the incident during loading.


Back to Post-Installation list

E19002 for SAS Enterprise GRC Server 4.2

1. Copy the following files located in <SASROOT>/ucmacros/ormonitormva:

orm_pivot_datatype.sas
orm_pivot_driver.sas
to
<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/ucmacros

2. Copy the following files located in <SASROOT>/sasstp/ormonitormva:

orm_job_user_synch_orig.sas
to
<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/sasstp
2.1 Once the file has been copied, rename it to orm_job_user_synch.sas, dropping the "_orig".

2.2 Using an editor, open the file and replace the token

@ORMONITOR_SASSTP_PATH@
with
<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/sasstp

3. Copy the following files located in <SASROOT>/misc/ormonitormva/sample/config:

load_custom_field_defs.sas
to
<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/misc/sample/config

4. Copy the following files located in <SASROOT>/misc/ormonitormva/control:

parent_managed_relationships.txt
to
<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/misc/control

5. After copying the files, it is necessary to rebuild the report mart by running

<CONFIGDIR>/Applications/SASOpRiskMonitorServerCfg/4.2/Source/sasstp/orm_job_create_all_full_load.sas


Back to Post-Installation list


This completes the installation of hot fix D41013 on Linux for x64.