cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Change Access in BRM Production system

Go to solution
Former Member

on ‎06-17-2013 8:17 AM

0 Kudos

Hi ,

We have configured GRC Development system for module BRM.Testing was successful,finally decided to Go live in next month.

We are setting up GRC roles and testing those roles.We will use GRC development system to maintain roles in ECC development system

Users in GRC production system should only have access to import roles and and assign role owner.As per standard SAP roles , user should have access to object GRAC_ROLED with activity 02 to achieve import and assign role owner functionality, but Production should not have change

access as per our requirement.

Did anyone observed this issue?

Using this change access, user can change Business process,sub process etc.

Thanks

Mohana Kuntamukkula

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-18-2013 9:46 AM
0 Kudos

Hi Mohana,

What you have observed in your case is true. The default roles provided by SAP are generically set in terms of authorisations, therefore it is expected that a customer would copy the standard delivered roles and customise/refine the ABAP roles as per their own requirements.

At some implementations, the end users prefer the GRC Production system as the source of managing the role build and connect their target Development back-end systems to the GRC Production box. So in this case, the GRC ABAP roles used are likely to contain similar authorisations as the default provided ones.

Using the GRC 10.0 Security guide available in the SAP Marketplace, I would suggest making your own custom role/s and testing out the various GRAC/GRFN authorisation objects and field values.

Hope that helps.

Show replies
Show replies

Answers (0)

Ask a Question