cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC - Mitigation control maintenance workflow

Former Member

on ‎08-07-2014 2:39 PM

0 Kudos

Hi Experts,

This is regarding Standard GRC workflow WS76300088.

How is approver determination done in this ?  Do we need to ensure that the approvers are maintained somewhere?

Awaiting inputs ... thanks in advance!

~Ali~

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎08-07-2014 2:46 PM
0 Kudos

Hi Ali,

The workflow is maintained mainly from the MSMP front end (tcode GRFNMW_CONFIGURE_WD)

Standard agents (delivered by SAP)

The agents provided by SAP are based on Mitigating Control Approver/Owner. This is maintained within the actual mitigating control (and within the organisation aligned to the Mit Control beforehand).

The user has to exist in the GRC system and be assigned as a Mitigating Approver/Monitor within the AC Owners table.

Custom Agents (i.e. BRF+ decision table)

However, you can create your own custom agent via BRF+ and assign this rule to the MSMP workflow process to approve the requests also. A decision table could be computed so that the approver is determinend by the attributes assigned to the control. As a minimum, the users listed as teh custom approvers require to exist as users within the GRC system, but arguably you would not have to maintain them in the AC Owners table etc (like the standard agents).

Show replies
Show replies
Former Member
‎08-07-2014 3:04 PM
0 Kudos

Thank you!


"The user has to exist in the GRC system and be assigned as a Mitigating Approver/Monitor within the AC Owners table." - Can you pls give more details where to assign this ?

Former Member
‎08-07-2014 3:08 PM
0 Kudos

How new are you to using and configuring SAP GRC AC?

The following guides will be a good read for starters -

Within NWBC - go to the Setup area and find "Access Control Owners". This is where you can add the users and select what type of approver they are going to be within the system.

Ask a Question