cancel
Showing results for 
Search instead for 
Did you mean: 
viveshar
Occasional Member - Level 1

Compliance issue in saved Cognos report

Hi,

 

We use the feature of BI manager in Concur to allow the managers to access the Cognos reports. Recently we have been alerted to a scenario where the manager can access a report saved by some other manager. What this leads to is a situation where a manager is able to look into the information of the employees that do not belong to his/her organization. This is being considered a violation of the compliance controls.

 

Has someone else faced the same issue? If yes, how has this been fixed?

 

Vivek

 

4 Replies
Highlighted
tesh94
Occasional Member - Level 3

Re: Compliance issue in saved Cognos report

Hi, 

If the Report is not applicable to the manager, you can restrict the report by permission. You may similarly want to check on the directory of where the report is located. If the report is only applicable to the Report Owner, you may want to recommend the Report Owner to store their report in the 'My Folders' tab as oppose to the 'Public Folders' tabs.

 

You can also explore the concur reporting resources that is available to learn more on performing the above actions. 
https://www.concurtraining.com/pr/reporting/resources

 

Thanks & Regards,

Pritesh

SAP Concur Employee
SAP Concur Employee

Re: Compliance issue in saved Cognos report

I concur with tesh94 that most likely the manager has access to this report because it is saved in the Public Folders area somewhere that allows anyone access to the report if they have Cognos permissions. 

 

Best practice is to save the report in My Folders for whomever owns the report or that the report is intended for. 

 

Kevin

viveshar
Occasional Member - Level 1

Re: Compliance issue in saved Cognos report

Hi Pritesh and Kevin,

 

Thanks for providing the link and suggesting the solution. Unfortunately, in our case, the reports are run by a team of people rather than individuals which means that these reports cannot be saved in "My Folders" and it is these reports that the managers can access.

Is there a way of doing one of the following

  1. Ensure that the save option in all the Cognos reports is disabled. This would mean that whoever runs the report, it will not be available for the next person to see
  2. The report is saved for a duration of 10 minutes or so. This still has risks but the risk is reduced
  3. The download option provides the last run report of the specific user who is accessing the report rather than the one who had last run it.

Regards

Vivek

SAP Concur Employee
SAP Concur Employee

Re: Compliance issue in saved Cognos report

@viveshar 

 

First off, I'll address the three items you have listed in your last reply. None of those features are available. 

 

Second, after reading your original post, I am thinking something is wrong in your BI Manager setup. The credentials of the the BI Managers determines what data they can see and a BI Manager can only see data for those they are specifically assigned to. So, if a manager is seeing data in a report for people he/she is not the BI Manager for, then there is some other issue going on, no matter where that report is saved. 

 

I might be able to help if you provide me your company name and the manager's name in question. Is it possible the manager in question has also been given a Cognos role in addition to the BI Manager permission? That would be my first troubleshooting tip. Maybe the manager is going into Cognos using the Cognos role rather than as a BI Manager and therefore seeing more data than they should. 

 

Let me know if you have any other questions. If you want me to take a look, send me a private message with the information I mentioned in the previous paragraph. 

 

Kevin