
UAR review for roles assigned to role owners

Former Member
0 Kudos

Hi All,

My client has a 2-phased requirement for UAR functionality:

1) Role owners should be reviewing the access for users as part of UAR

2) Roles assigned to Role Owners should be reviewed by the Role Owner's manager

I have set up Role owners as reviewers in the config parameter and set up an initiator rule where, based upon the request type, the paths are split. For the first path, the role owner has been set up as the reviewer by using the default agent - GRAC_MSMP_REVIWER_AGENT. I am trying to set up the Role owner's manager as the agent for the 2nd path. Can you explain how I can set up a custom agent rule so that I can retrieve the role owner's manager info and in turn route the notifications to the manager for review? Detailed steps of the agent rule would be helpful.

Thanks

KNR

Accepted Solutions (1)


Former Member
0 Kudos

Hi Narsimha,

I have a similar requirement and used the approach below. I am yet to figure out the logic for the agent rule when it comes to sending the request to the Role Owner's manager.

I proposed using USER GROUPS in the system and moving users identified as role owners into a Role owner user group bucket.

I set up a routing rule based on user groups with 2 paths: path 1 for regular users (user group <=> Role Owner) and path 2 for role owners (user group = Role Owner).

In the 1st path I used the default agent to send the requests to role owners.

In the 2nd path (here comes the tricky part) I am planning to use a DBlookup logic or an expression logic for setting up a custom BRF+ agent rule. I have set up a custom table in GRC, ZGRC_APPROVER, which captures Role Owner and Manager information (this is a maintainable table, but going forward it will be auto-populated by an interface).

I am finding it difficult to come up with a DBLookup logic to set up the agent rule.

Maybe this will take you halfway there, but it is at least a potential solution for your client.

If you have any skillset about dblookup maybe you can help me out with the agent rule.


Cheers!!

Sandeep

Answers (1)


Former Member
0 Kudos

Hi Narasimha,

I believe that there will be a small number of Role Owners. In such a case, you can set up a custom agent rule which takes in a user ID as input and gives a user ID as result.

meaning,

Input User ID = ROLEOWNER's ID

Output User ID = RoleOwner's Manager's ID

You can fill the decision table with direct value input. For example, let's say that the role owner is USER1 and his manager is USER2. Then in the Decision table, you can define it by saying: if Input User ID = 'USER1', Return User ID = 'USER2'.

Likewise you may define it for all the role owners.

Let me know if this suits your requirement, and do let me know if you want me to elaborate and provide a detailed explanation.

Regards,

Mohamed Fazil.
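
An added example, not written by any poster in this thread and not SAP code: a Python model of the owner-to-manager lookup that the decision table (or the ZGRC_APPROVER table) described above performs, with checks on the mapping rows before they are used for routing. The two-column row layout, the user IDs other than USER1 and USER2, and the fallback ID are assumptions made for illustration.

```python
# Constructed sample rows: (role owner ID, manager ID). The layout is assumed;
# it stands in for the decision table rows or the ZGRC_APPROVER entries.
SAMPLE_ROWS = [
    ("USER1", "USER2"),  # role owner USER1 is reviewed by manager USER2
    ("USER3", "USER3"),  # owner listed as own manager
    ("USER4", ""),       # no manager maintained
    ("USER5", "USER2"),
    ("USER5", "USER6"),  # second row for USER5 with a different manager
]


def build_agent_table(rows):
    """Return (table, problems): the usable owner -> manager map and the
    rows rejected because they would misroute or weaken the review."""
    table, problems, conflicted = {}, [], set()
    for owner, manager in rows:
        owner, manager = owner.strip().upper(), manager.strip().upper()
        if not manager:
            problems.append((owner, "no manager maintained"))
        elif manager == owner:
            # The second path exists so that owners do not review themselves.
            problems.append((owner, "owner would review own access"))
        elif owner in table and table[owner] != manager:
            problems.append((owner, "conflicting managers"))
            conflicted.add(owner)
        elif owner not in conflicted:
            table[owner] = manager
    for owner in conflicted:
        # An ambiguous owner gets no agent rather than an arbitrary one.
        table.pop(owner, None)
    return table, problems


def resolve_agent(table, role_owner, fallback=None):
    """Model of the agent rule: input user ID -> output user ID.
    `fallback` is a hypothetical ID used when no valid row exists."""
    return table.get(role_owner.strip().upper(), fallback)


if __name__ == "__main__":
    table, problems = build_agent_table(SAMPLE_ROWS)
    print("agent for USER1:", resolve_agent(table, "USER1"))
    for owner, reason in problems:
        print("rejected:", owner, "-", reason)
```

Running the same checks against the real mapping each time it is maintained or loaded by the interface shows which role owners would otherwise have no reviewer, or themselves as reviewer, in the second path.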