on 10-12-2010 10:45 AM
Hi all,
in our SAP system Functional TEAM implemented WF to release Order ME29N.
Now users doesn't need S_TCODE and M_EINK_FRG to release orders.
How RAR could intercept missing action/object?
Does someone have any suggestion?
Claudio
Please, it's a so strange question?
RAR will work as per rules defined.
May be now you should remove ME29N from Actions and Permission rules
And only maintain critical permission rule for new process.
RAR picks user data compare with rules (per your selection in informer tab)
now if user don't have access to that tcode, it will not show confict.
Regards,
Surpreet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Claudio,
not sure what exactly you want to do - do people with access to ME29N show up as having a risk and you don't want that?
There are several ways to fix that:
- de-activate ME29N in the respective function and regenerate the risks
- assign a mitigation that says there is a workflow that acts as a control
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Create a new function(s) with the existing authorization objects and attach them to a risk. This will show the risks at the permission level for the users.
Hope this helps.
Rgds,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.