cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ARQ: How to restrict report type to "Actions"???

former_member184114
Active Contributor

on ‎05-21-2014 7:45 AM

0 Kudos

HI All,

In ARQ, requester submits a request and risk analysis is performed in the background (Parameter#1071) at the time of request submission. The default analysis type is "Permissions" (parameter#1023).

When the request is reaching to Manager or Role Owner, this violations report is available for them also. They can view both types of reports: Actions and Permissions.

Since these categories of users do not understand the technical details of authorization objects, I want to restrict this report type to "Actions" only. At least this way they can understand at a higher level and take the decisions accordingly.

If authorization objects level details are displayed to them, they are overwhelmed with too much of technical details and getting confused as what to do.

Therefore, I would like to allow them to view actions report ONLY. Though the analysis is done at permissions level.

In order to achieve above, I tried below:

1. Tried to use GRAC_REP auth. object. It seems that mostly it is related    to "Analytics Reports" and I could not find any help with this.

2. Tried to modify the "GRAC_OIF_REQUEST_APPROVAL" application through SE80. But did not get any option to hide/disable the "Permission" option from the drop down list.

Can any one please suggest me on how to achieve above?

Regards,

Faisal

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member204204
Active Participant
‎05-21-2014 9:18 AM
0 Kudos

Hi Faisal,

You can check the below blog to meet your requirement.

http://scn.sap.com/community/grc/blog/2014/02/01/access-control-10-arm-risk-analysis-report-type-is-...

Regards,

Neeraj Agarwal

Show replies
Show replies
former_member184114
Active Contributor
‎05-21-2014 12:36 PM
0 Kudos

Dear Neeraj,

Thanks for your reply.

I think there is a gap in understanding. This is already done. What I want is, while viewing the violations report, user can select "Action" or "Permission" from the repot type drop down. I want only "Action" option displayed there in the drop down.

Please suggest.

Regards,

Faisal

alessandr0
Active Contributor
‎05-21-2014 7:49 AM
0 Kudos

Hi Faisal,

you can use the authorization object GRAC_RA for this.

You can restrict the report type to 01 - Action Level so that only this can be run by the end user.

Hope this answers your question.

Best regards,

Alessandro

Show replies
Show replies
former_member184114
Active Contributor
‎05-21-2014 8:57 AM
0 Kudos

Alessandro,

Thanks for your quick reply.

I tried this option but unfortunately did not help me!

When I run the report, after its completion, it give error message:

"You are not authorized to perform risk analysis with parameters entered"

Please advise.

Regards,

Faisal

alessandr0
Active Contributor
‎05-21-2014 9:02 AM
0 Kudos

Dear Faisal,

this behaviour seems to be correct for me. As you are lacking authorization you cannot run the risk analysis with missing authorization for unauthorized parameters.

Can you show me a printscreen how you want to run the risk analysis? With which criterias?

Alternatively you can check SLG1 logs which authorization objects are missing. But be careful, as you restricted the access it will show lots of missing authorizations.

Regards,

Alessandro

Ask a Question