on 06-11-2014 2:55 PM
Hi gurus,
I am trying to limit the Control Owner role depending on the following requirements:
1-The responsible of the organization can changed everything from the Organization.
2-Inside the subprocesses linked to the Organization, this person can apply changes to the controls he is responsible of.
3-This person can also apply changes to the central controls he is responsible of.
The limitation I found is that even though I am working with object GRFN_API, if I set the actvt to 2, the control owner can change everything but I need him only to change his control. How is it possible to do it?
Thanks!!
Regards,
Hi John,
The authorization in GRC PC/RM goes top to down.
If the user has the authorization to display / edit the organization and the control , then all the entities under
the organization will be available for him to work over.
But in the case he is just responsible for the control, then he wont have access to any other control for which he is not responsible.
Consider the SAP Note 1572360 to have more clarity over the authorization concept.
Regards,
Silky Sharma
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.