- SAP Community
- Products and Technology
- Additional Q&A
- Audit process in GRC 10
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Audit process in GRC 10
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 07-23-2013 11:43 AM
Hello all,
is there a Audit process in GRC 10 TO ENSURE that a Role approver doesnt assign too many roles to a user?
i take it it sits under CUP or ARA?
thanks
S
Accepted Solutions (0)
Answers (2)
Answers (2)
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Sundhir
What is your definition of "assign too many roles"? Is this based on number of roles or combination of access?
For example, If you have a security design where user is only allowed 1 business role you could look at handling that through a BRFplus routing rule and perform a check on the request.
Otherwise, Kevin's comment for Periodic Access Reviews would help with formal review of access but will not prevent. It can be difficult to revoke access once the user has it.
It will only sit under ARA if "too many roles" results in an access risk
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Sundhir:
SAP Access Control has a feature called Periodic Reviews, where you can execute a User Access Review (either by Manager or Role Owner) and send out requests for review and approval. Is that what you are looking for??
Thanks.
Kevin Tucholke
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Extend Your Crystal Reports Solutions in the DHTML Viewer With a Free Function Library in Technology Blogs by Members
- Latest Updates to the Reimagined Applicant Management Tool in SAP SuccessFactors Recruiting in Human Capital Management Blogs by SAP
- SAP Named a Leader in the 2024 Gartner Magic Quadrant for Transportation Management Systems in Supply Chain Management Blogs by SAP
- ISAE 3000 for SAP S/4HANA Cloud Public Edition - Evaluation of the Authorization Role Concept in Enterprise Resource Planning Blogs by SAP
- remove billing plan block from sales order in Enterprise Resource Planning Q&A
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.