05-14-2015 7:55 PM
Hello,
I am looking for some guidance around strategy for Firefighter relating to FI/CO and PR. Specifically, how do you recommend organizing Firefighter accounts and their authorizations? I am using GRC 10 Access Control: ARA, UAM, EAM, BRM.
For example, I have implemented the following Firefighter accounts:
I am looking for guidance or advice on setting up more granular FI/CO/PR Firefighter accounts, while avoiding the headache of not having enough authorization in a single Firefighter account to get the job done. After all, the users are accessing Firefighter in order to gain authorization above and beyond what is typically available to them.
When creating CO or PR Firefighter accounts, does it make sense to include ALL authorization objects and values from FI and MM authorization sets? Many of the functions require a hybrid of FI/MM authorization, how to plan for this?
Audit issues to consider?
Any advice is welcome!
Thanks in advance,
Ken
05-15-2015 3:11 AM
Hi Ken,
the easiest approach is to have diff. FF ids as per your composite/job roles of FI/CO, or a combination of some of those related roles. By this way, you will not miss any auth. object.
Regards
plaban
05-15-2015 3:11 AM
Hi Ken,
the easiest approach is to have diff. FF ids as per your composite/job roles of FI/CO, or a combination of some of those related roles. By this way, you will not miss any auth. object.
Regards
plaban