cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Risk Management 3.0: Auditor role (read-only)?

Former Member

on ‎04-16-2010 5:40 AM

0 Kudos

My client has gone live on Risk Management 3.0. We are now trying to configure auditor access to the system, i.e. we want to provide an auditor with read-only access to all risks.

So far we have followed the role assignment as outlined in ['SAP BusinessObjects GRC Risk Management 3.0 - Security Concepts'|http://www.sdn.sap.com/irj/bpx/grc?rid=/library/uuid/900d0a8a-4ed0-2c10-d484-9efa5e6f94fb]. Any combination or subset of roles SAP_GRC_FN_BASE, SAP_GRC_FN_BUSINESS_USER, and SAP_GRC_RM_API_INTERNAL_AUD does not lead to the intended result.

Does anyone know how to assign auditor access in Risk Management 3.0?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

dominic_yow-sin-cheung
Participant
‎04-16-2010 8:57 AM
0 Kudos

Hi Alex,

did you check the "official" [security guide|https://websmp206.sap-ag.de/~sapidb/012002523100005699652009E.PDF]?

In there on page 31 you have the role SAP_GRC_FN_DISPLAY which seems to do exactly that:

Assign this role to external auditors if you
want to give them display access throughout
the application. This role bypasses the
SAP_GRC_FN_BUSINESS_USER role to grant
display authorizations in the back end. If you
wish to have more control over what is displayed,
use the SAP_GRC_FN_BUSINESS_USER
instead.

Cheers,

Dominic

Edited by: Dominic Yow-Sin-Cheung on Apr 16, 2010 9:57 AM

Show replies
Show replies
Ask a Question