cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HR trigger brfplus rules for new hire

former_member400622
Explorer

on ‎05-12-2015 7:28 AM

0 Kudos

Dear all.

I have implemented the HR trigger as per user guides given below:

Understanding HR Triggers in Access Control 10.0 - Governance, Risk and Compliance - SCN Wiki

http://wiki.scn.sap.com/wiki/display/GRC/Understanding+HR+Triggers+in+Access+Control+10.0

And per our business requirement for new hire is, every time when we fill the infotype 0105 and the subtype 0001 with a User ID which located in US and CANADA region (which the region is defined based on the company code maintained in the infotype 0001 in HR master data), the HR systems sends the data to GRC where it will indicated there is an new user and creates a new request with default roles assigned.

However this scenario not working as expected as all employees that are being filling with these fields in the HR are being created in the backend system without taking the "company code" field into consideration; in which those users who did not have US/CANADA company code assigned in the HR master data, the GRC system will still triggered the HR trigger new hire request to have these user created in the SAP backend system.

My question is how could i restrict that only new users who has US/CANADA company code assigned must be created? i wouldn't want to create the users without the defined company code assigned to the users.

Appreciate the help and advise here.

Regards and thank you.

Merdelyn

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

alessandr0
Active Contributor
‎05-12-2015 8:27 AM
0 Kudos

Dear Meredlyn,

you need to update your decision table in BRF+ so that only triggers with company code US/CANADA are processed. HR system will send all triggers whereas GRC then decides if they are processed or not.

Regards,

Alessandro

Show replies
Show replies
former_member400622
Explorer
‎05-12-2015 8:42 AM
0 Kudos

Hi Alessandro,

Yes, we have tried to add in additional attributes in our BRFplus to restrict the GRC request creation based on the rules defined. However, the HR trigger failed to generate with error " Rules are not satisfied for Employee ID XXX" in the SLG1 log

Below is the brfplus rules that we have defined where the "region" attributes is the one that we have added into our brfplus.

Appreciate your help.

Thanks ,

Merdelyn

alessandr0
Active Contributor
‎05-12-2015 9:30 AM
0 Kudos

Dear Merdelyn,

okay - that's correct how you set up the BRF+ rules. Rules not satisfied means that the rule criterias were not met. Did you check the trigger if the appropriate values were sent for region? You can see and check in SLG1.

Regards,

Alessandro

former_member400622
Explorer
‎05-12-2015 9:42 AM
0 Kudos

Hi Alessandro,

From SLG1 log, seem like the region's value was not sent via the hr trigger and i suspected it's because the company code field is resided in infotype 0001 instead of 0105.

Is there a way for us to design the brfplus rules to pick up the value from 2 different infotype for the same action ID and how can we do that?

The SLG1 log:

Thanks

Merdelyn

Ask a Question