cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SPM LOG REVIEW WORKFLOW - Approve/Reject Own Logs

Go to solution
Former Member

on ‎11-03-2014 1:11 PM

Hi All,

Can you please guide me on the below requirement.

If the controller is the Firefighter, then system should not allow him/her to approve/reject the Log.

Please help me to achieve this.

Regards,

J

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

madhusap
Active Contributor
‎11-03-2014 2:04 PM
0 Kudos

Hi,

If you have 4013 and 4014 as "YES", your Owner and Controller can submit request for their own FF IDs.

Like in access request, it is not possible to restrict the Controller from approving his own FF logs.

We also have same scenario, where 2 controllers are assigned to same FF ID and when one use that ID. logs are reviewed by another controller, but both will have access to approve the log reviews.

We have raised this to SAP and they asked us to request for customer enhancement

Regards,

Madhu.

Show replies
Show replies
alessandr0
Active Contributor
‎11-03-2014 2:08 PM
0 Kudos

Hi J,

as mentioned in my other post it's possible with built-in functionality. The answer from Madhu is fully correct and you can restrict with option 4013 and 4014.

Regards,

Alessandro

Former Member
‎11-03-2014 3:37 PM
0 Kudos

Hi Madhu,

Thank You for the quick response!

We were about to raise an OSS for this requirement. So, if this functinality cannot be setup in GRC AC 10.1(SP06), then what could be the work around?

Regards,

J

alessandr0
Active Contributor
‎11-03-2014 3:43 PM
0 Kudos

Hi J,

I will answer here, no need to further discuss in the other thread.

Did you already check note: http://service.sap.com/sap/support/notes/1659219

Regards,

Alessandro

Former Member
‎11-03-2014 6:23 PM
0 Kudos

Hi Alessandro,

Thank You!

I have gone through this note and this is mostly related to EAM Provisioning part and my issue is related to EAM Log Review. And also, this note is not applicable to my SP level (V1100, SP05)

Regards,

J

madhusap
Active Contributor
‎11-04-2014 2:59 AM
0 Kudos

Hi J,

I don't say this is the work around but our scenario is like this:

1. All users cannot request for Firefighter access as we disable this Request Type from end users.

2. Only few designated users will have access to raise Firefighter access request.

3. We have one basis FF ID and we maintained 2 controllers for it. They will request that Firefighter ID to access as Firefighter. So, FF Owner approves their requests.

4. As for Log review workflow, our customer also wants something similar that Controller should not approve his/her own FF Logs. This functionality is currently not available. Hence as a work around, if one Controller uses their FF ID as Firefighter another Controller for the same FF ID reviews the logs and viceversa.

If you want to avoid this, then 4013 and 4014 should be kept NO, so that this scenario doesn't occur. But it is our requirement and so we are using this workaround

But there is a proposal to implement enhancement with the help of our ABAPer which is quiet possible and it is in progress.

Regards,

Madhu.

Answers (1)

Answers (1)

Former Member
‎11-03-2014 2:03 PM
0 Kudos

Hi J,

In EAM, the system should prevent you from being the Owner or Controller of a FF ID that you are assigned to and vice versa.  This is kind of a built in functionality of EAM.

As the functionality is designed, when you have a FFID in the systems, and UserA is the owner and/or the controller, the system should NOT allow assignment of that FFID to UserA as he/she would be the one to approve assignment or approve the log workflow.

Hope this answers to your query.

Regards,

Ameet

Show replies
Show replies
Ask a Question