on 07-23-2013 11:43 AM
Hello all,
Is there an audit process in GRC 10 to ensure that a role approver doesn't assign too many roles to a user?
I take it it sits under CUP or ARA?
Thanks
S
Hi Sundhir
What is your definition of "assign too many roles"? Is this based on number of roles or combination of access?
For example, if you have a security design where a user is only allowed 1 business role, you could look at handling that through a BRFplus routing rule and perform a check on the request.
Otherwise, Kevin's comment for Periodic Access Reviews would help with formal review of access but will not prevent. It can be difficult to revoke access once the user has it.
It will only sit under ARA if "too many roles" results in an access risk.
Regards
Colleen
Sundhir:
SAP Access Control has a feature called Periodic Reviews, where you can execute a User Access Review (either by Manager or Role Owner) and send out requests for review and approval. Is that what you are looking for?
Thanks.
Kevin Tucholke