cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BRM Role change history and other details not showing at approval stage

Go to solution
Former Member

on ‎02-12-2013 10:02 AM

0 Kudos

Hi GRC Experts,

We have created a Role approval workflow with methodology. It is working fine. Role goes through designated approval process and finally Role is generated.

What is strange is that at the time of Request Submission, although we run Risk analysis and then submit request, approver gets no details in his inbox approval screen. Details are missing like -

1. Role Authorization details

2. Change history as what is being added or changed

3. Risk Analysis Report

4. Option to run risk analysis in case a mitigation was happened.

5. Do a mitigation based upon Risk Analysis

All above details which were there in ERM AC 5.3, are not visible. In SPRO--> Configuration Settings-- There is no parameter as such to define this. There is no personalization settings either on POWL in approver screen settings.

What could be the issue with this? Is it standard or some configuration is missing here. Need your help on this, this is very important.

Regards,

Sabita

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

marie-luise_wagener3
Employee
Employee
‎02-12-2013 4:34 PM
0 Kudos

Hi Sabitha,

have you clicked on the role name link in the request?

Thanks,

Marie

Show replies
Show replies
Former Member
‎02-13-2013 10:54 AM
0 Kudos

Hi Marie,

Thanks for your reply. Yes, now I can see the details. How ever, Risk Analysis Report is not visible and no option to run Risk analysis for the approver.

When I checked the requester options, he can easily skip Risk analysis stage, there is no place to set it mandatory.

While at the time of Role generation, we can set it mandatory and force the generation with Risks to be stopped, this is not client's requirement. They are new on SAP, and for the time want to go with Risks. So they should be able to see what are the risks in the Role and based upon that they would approve or reject it.

Any suggestions are highly appreciated.

Thanks,

Sabita

marie-luise_wagener3
Employee
Employee
‎02-14-2013 10:12 AM
0 Kudos

Hi Sabita,

you have different options to set the Risk Analysis to mandatory.

Maybe you want to consider the Risk Terminator and/or the AC configuration parameters (3011, 3014) for this.

Thanks,

Marie

Former Member
‎02-15-2013 4:33 AM
0 Kudos

Hi Marie,

Risk terminator works with backend PFCG as per my understanding and not in BRM workflow.

Parameter ID 3011 and 3014 are for the time of Role generation when actually Role Approver has approved the role. But there is no option to force Role approver to run risk analysis, see previous Risk analysis report and reject request if it it has violations.

marie-luise_wagener3
Employee
Employee
‎02-15-2013 7:46 AM
0 Kudos

Hi Sabita,

I think you can find some pretty good explanation here.

The role creation process in BRM is tied to the PFCG, and controlled by the methodology set up. The results of the risk analysis are available for review when selecting the corresponding stage in the methodology.

The mitigation is part of the access request process e.g. or a separate mitigation initiative.

Thanks, Marie

Answers (0)

Ask a Question