- SAP Community
- Products and Technology
- Additional Q&A
- MSMP Work flow in GRC 10.0
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
MSMP Work flow in GRC 10.0
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 09-16-2011 5:45 PM
Hi Experts,
I have a work flow requirement and would appreciate if you guys can please help me here . The actual requirement is to design a CUP Workflow and If there are SOD issues identified, the workflow will need to go to a central team for them to address each issue. If there is no SOD issue found, the workflow should end. The requirement is to configure the access request so that the end goal of work flow is just facilitation of an SOD review. There would be no actual provisioning of users at the end of the path.
I am wondering if this would work flow can be initiated with an function module based rule or i would have to create a BRF Rule for this . As per my understanding the flow should be Start > Access Request > Sod Analysis done > If Sod , Go to Central team otherwise end > Central team will decide on the assignment of SoD Resolution > This Team will either Assign MC or wont approve the Role assignment > Both Cases the work flow ends and request is closed.
Would really appreciate if you guys can assist me as i am new to work flow and this is one of project deliverables . Thank for your valuable time and help .
Vikas
Accepted Solutions (0)
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Vikas ,
I am wondering why you want to do this from CUP .If your intention is just to analysis SOD why dont you do it from RAR .
whatever you are trying can be done via workflow but once SOD is found and central team has reviewed it WHAT next ?????
If you want to review a user for SOD best would be doing it from RAR user level risk analysis .
Hope I have understood your scenario correctly .
Thanks & Regards
Asheesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Ashish ,
Thanks for your time . Let me explain you my requirement and would really appreciate if you would have some inputs here which would help me to design this .
The actual client requirement is to design a CUP Workflow and If there are SOD issues identified, the workflow will need to go to a central team for them to address each issue. If this group decides to apply mitigating controls to the issues, the workflow must then go to the compliance group for them to review for appropriateness. Requirement is do a SoD analysis for every role change/add request , so that this group takes the appropriate action based on the SoD Analysis . For all my CUP request raised , i want system to do a SoD analysis and let this group know whenever there is a SoD found or just end the workflow if there is no risk.
I am aware of the Risk analysis process for GRC 10.0 , however i want it to happen as a part of this work flow requirement.
The requirement is to configure the access request work flow so that the end goal of work flow is just facilitation of an SOD review. I hope i was able to explain my requirement . Thanks again for your help.
Your valuable guidance would be really appreciated.
Vikas
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello Vikas
This is very basic requirment which all client will expect from GRC .
I can think of following workflow for your situation .
First stage can be manager then you can forward to Security support team .Make risk analysis mandatory at Security support stage .
Define a detour path at Security Support stage so that if a risk is found it should go to compliance team for Mitigation control assignment and then role owner so that he is aware his role is assigned .
If no SOD is found then directly go to Role owner stage and close the request .
Hope this will help you .Do let me know if you need any other input from me ,
Thanks & Regards
Asheesh
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Ashish ,
Thanks for your valuable inputs .
Can you please help me with the initiator condition for this work flow . Do you think we would be able to use the function module or we would need to customize our BRF rules for the initiator condition here.
You have been a great help .. Thanks..
Vikas
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
In the global process settings there is an escape route pre-defined for the case that there are SOD violations. You should be able to simply activate this detour and then just define the agent rule so that it results in the Central team which you want.
You'll need to have at least one stage to complete the path but this defined escape route / detour means that you do not need to generate a specific custom rule.
Simon
- First Half 2024 Release: What's New in SAP SuccessFactors Employee Central Payroll in Human Capital Management Blogs by SAP
- SAP Integration Suite - Design Guidelines in the integration flow editor of SAP Cloud Integration in Technology Blogs by SAP
- First Half 2024 Release: What's new for Talent Management? We have AI-enabled features to share! in Human Capital Management Blogs by SAP
- SAP BTP FAQs - Part 2 (Application Development, Programming Models and Multitenancy) in Technology Blogs by SAP
- Create SAP S/4HANA External GL Account Hierarchy within SAP Datasphere using standard CDS Views in Technology Blogs by Members
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.