cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC 10-Point of Contacts by Departments

Former Member

on ‎04-11-2012 3:08 AM

0 Kudos

We have a requirement were the point of contacts needs to be mapped based

on Departments field of User. Currently GRC 10 ‘Access Control Owners’

does not have option to define the criteria for mapping the department

and point of contact agent.

Kindly let us know where we map our criteria for Point of Contact this

section seems to be missing in the configuration area of GRC 10. We see

an API rule for Point of Contact.

Thanks,

Prasad

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
‎07-24-2014 12:58 PM
0 Kudos

You will need to configure a BRF+ Agent rule to determine the approver by a request header/Role line items Functional Area. The Point Of Contact setting in the AC Owners section does not enable this alone (infact I don't think it works as described).

If you are trying to create a "PFCG User group" based agent (which utilises the assignments in the SU01 "User Group" tab), then you may have to create a specific agent per User group and then possibly create a different path per user group for approval (as well as Routing rule maybe).

In that sense, creating and maintaining a BRF+ agent rule will probably be easier and use whichever field you want (Func Area, User Group, Dept) to determine the approvers.

Show replies
Show replies
Former Member
‎07-18-2014 4:00 PM
0 Kudos

Hi all.

Can someone with me somelight about mapping the Functional Areas with the users set as Point of Contact?

Regards and thank you.

Show replies
Show replies
FilipGRC
Contributor
‎07-21-2014 4:38 PM
0 Kudos

Dear Sara,

according to definition Point of Contact is an approver for a specific Functional Area. Functional Area is an attribute used to categorize users and roles.

First of all you need to assign a user to role Point of contact in Access Control Owners application.

Next you can use them in MSMP configuration as using following FM: GRAC_MSMP_POINT_CONTACT_AGENT.

Let me know, if you require further assistance,

Filip

amit_bajaj
Employee
Employee
‎04-11-2012 12:09 PM
0 Kudos

Hi Prasad,

How are you maintaining the department to POC link? Is this stored in some custom table?

Regards

Show replies
Show replies
Former Member
‎04-11-2012 2:20 PM
0 Kudos

  Hi,

We tested the BRF+ rule and the rule only has following option
as result set value.

  1. 1. Line Item
  2. 2. User ID

When we change the route mapping to include additional filed in
rule result and refresh the binding. It does not allow the rule result to
change as it's connected to DDIC object.

We need User Group as result value instead of User ID from
maintenance point of view.

The department to POC is maintained in BRF+ we don’t want to
create an FM module to achieve the same.

Any suggestions to include the User Group in BRF+ raised OSS did
not get positive response.

 

Regards,

Prasad

Former Member
‎04-11-2012 2:39 PM
0 Kudos

Hi Prasad,

What is the reason to have user group as result value ?

Regards,

Ajesh.

amit_bajaj
Employee
Employee
‎04-11-2012 3:10 PM
0 Kudos

what is the OSS# please?

Former Member
‎04-11-2012 3:25 PM
0 Kudos

Hi Amit,

OSS:0000308372

Thanks,

Prasad

Former Member
‎04-12-2012 2:49 AM
0 Kudos

Hi Ajesh,

The reason we want it as User Groups is from Maintenaince point of View. If the Approver changes the new name can be mapped in User Group.

Regards,

Prasad

Former Member
‎04-12-2012 6:07 AM
0 Kudos

Hi Prasad

I dont think this is possible. Agent is designed to return User-ID, all the fields supported by it listed in the standard result data object. Even if it returns User group there is no functionality in the workflow to identify its a user group and take the list of users assigned to it. From the maintenance point of view, you may have to maitain the Dept approver name in BRF when there is a change, similar to role approver change.

To make this possible, scenario would be for each department ID you create an initiator (10 different initiators) and link to each path. In the path you can define stage Department and send it to dept approver based on PFCG User group or PFCG role assignment.

I am not sure about the POC API and how it works. Let us know what is the response from OSS.

Regards,

Ajesh.

Former Member
‎11-21-2012 11:54 AM
0 Kudos

Hi!!

I was reading all related post I found to Point of Contact configuration on GRC AC 10 and I haven´t got a clear idea how this should works.

SAP documentation says "Point of Contact is an approver for a specific Functional Area. Functional Area is an attribute used to categorize users and roles."

 

In which way can be mapped a point of contact with a functional area?

Hope that BRF+ Flat rule doesn´t be the only way... 

Thanks a lot in advance. Great job supporting us guys!!

Former Member
‎04-11-2012 11:39 AM
0 Kudos

Hi Prasad,

Try creating a BRF+ flat rule for agent. Department field is part of request header, based on which you can set the approver.

Regards,

Ajesh.

Show replies
Show replies
Ask a Question