cancel
Showing results for 
Search instead for 
Did you mean: 

GRC BRM: Push Authorization Data to Backend System

Former Member
0 Kudos

Dear all,

can somebody explain me what option "Push Authorization Data to Backend System" in Role Methodology Step "Maintain Authorizations" is good for?

I am creating roles using GRC functions. If a role has been accidentically changed in PFCG mode the option "Push Authorization Data to Backend System" should allow me to re-push the data of the selected function towards PFCG. This should then replace the accidentically changed role by the original authorisation set and clean up the role.

But this does not work at all - if I select the option, save and move on to generation the role in to plug-in system is generated but not replaced by the original authorisation set. The e.g. accidentical added transaction in PFCG just stays assigned to the role.

Please help.

Regards,

Markus

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Dear Markus,

Once you have manitained the authorizations, Please select the Sync with PFCG. This will transfer all

the chages that you made in the BRM to the back end.

Thanks & Regards

Japneet Singh

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi Markus,

I have observed that behaviour also. To be honest, considering the fact that actual authorisation object field values require to be managed by GRC creating a PFCG back end session, I was slightly put off by using BRM as a end user.

I can see the merits of using BRM to create roles in a governed manner (i.e. by selecting function-grouped based transactions and also using Org mappings etc), but I found the whole experience clunky. As you state, anything added by mistake directly in the back-end seems to remain in the role definition even after synchronising.

Maybe in 10.1 things may have improved (still to hear anything new in regards to BRM).

all the best with your endeavours.