cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BRM role approval-Back to Past

Go to solution
Former Member

on ‎07-28-2015 11:53 AM

0 Kudos

Hi All,

I have few question in BRM if you can kindly help me to understand (Kindly note that I had also gone through the documents in SCN from Collen)

1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"

2.What is the reason of assigning APPROVER to a methodology in SPRO

3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM

4.How GRC identifies who is the role assignment approver?Is it the MSMP agent or ROLE OWNER in access management?

5.Do we always have to group roles by some condition group and can assign to only one owner?or we can use separate owners for separate roles?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Colleen
Advisor
Advisor
‎07-28-2015 1:51 PM
0 Kudos

Hi Somik

Some of your questions are quite bordler line spoon feeding. However, I'm happy to answer this as BRM content is quite light on in the community. A lot of your questions really come back to your design - role management processes.

Hope this helps you....



1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"

Flagging a user as a Role Owner in Access Controller makes them available to assign them as a Role Owner for either Access or Content Approval against a Role in BRM.



2.What is the reason of assigning APPROVER to a methodology in SPRO

This has been explained in one of the blogs that I wrote and I've stepped through the configuration and impact. It's to help drive the BRM logic to default an approver based on condition groups that you map



3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM

This one is a piece of code sitting behind the button (in simplest terms). It then calls the MSMP Role Approval workflow which you configure and choose which levels your want.

Within BRM, the Approvers tab has a Default Approvers. This one does not user MSMP but does use the APPROVER methodology in SPRO and the Condition Group table within NWBC to default approvers based on role content



4.How GRC identifies who is the role assignment approver?Is it the MSMP agent or ROLE OWNER in access management?

Role assignment (ARQ) approvals is based on the MSMP agents. There is a default agent rule for ARQ approval which is role owner. If that agent is chosen then the Role Approver information in BRM is used to pick the Agents



5.Do we always have to group roles by some condition group and can assign to only one owner?or we can use 


separate owners for separate roles?

This depends on your design. Configuration use of condition groups is so you can consistently default role owners. You might decide you have a process owner (e.g. finance) so all roles that belong to the Finance business process would have the same role owner. You don't have to use the APPROVER configuration in SPRO and default approvals. Alternatively, you might decide you only want one role approver and therefore you configure a BRF+ rule that only returns one rule result for condition group. That way you can always default the same approver

Regards

Colleen

Show replies
Show replies
Former Member
‎07-28-2015 2:09 PM
0 Kudos

Thanks a lot Colleen!

Can you kindly help me with link for the blog for point 2?

Colleen
Advisor
Advisor
‎07-28-2015 2:22 PM
0 Kudos

HI Somik

I thought you had read it as you asked me questions in the comments

Regards

Colleen

Former Member
‎07-28-2015 2:45 PM
0 Kudos

Hi Colleen,

yes,I had read this one.

Answers (1)

Answers (1)

Former Member
‎07-28-2015 12:00 PM
0 Kudos

Show replies
Show replies
former_member197694
Active Contributor
‎07-28-2015 1:30 PM
0 Kudos

Hello Somik,

1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"

Defining role owners in Access Controllers will gives information about list of owners/approvers are available to use for respective workflows

we can define N number of owners/approvers for role,FF,Risk,Mitigation  etc

To define Role Owner to approve the role via workflow the approver should be defined in Access controllers link,then we can map the role owners with respective condition groups.

2.What is the reason of assigning APPROVER to a methodology in SPRO

Once we click to create role,depends on role type methodology will be populated in role management screen.

Depends on the methodology,approval workflow will be triggered,indirectly it takes condition groups from approver rule methodology.

3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM

Its depends on selection of role attributes and condition groups mapping,approval will be triggered to approver.

Regards

Baithi

Former Member
‎07-28-2015 2:18 PM
0 Kudos

Hi Baithi,

Thanks a lot!

For point 2

Depends on the methodology,approval workflow will be triggered,indirectly it takes condition groups from approver rule methodology.

If we take example of the above screenshot where APPROVER is mapped to 2 and let's assume 2 is the methodology to build a single role,then do I also have to create other entries in same place for composite role and business role with the methodology?

Ask a Question