on 07-28-2015 11:53 AM
Hi All,
I have few question in BRM if you can kindly help me to understand (Kindly note that I had also gone through the documents in SCN from Collen)
1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"
2.What is the reason of assigning APPROVER to a methodology in SPRO
3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM
4.How GRC identifies who is the role assignment approver?Is it the MSMP agent or ROLE OWNER in access management?
5.Do we always have to group roles by some condition group and can assign to only one owner?or we can use separate owners for separate roles?
Hi Somik
Some of your questions are quite bordler line spoon feeding. However, I'm happy to answer this as BRM content is quite light on in the community. A lot of your questions really come back to your design - role management processes.
Hope this helps you....
1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"
Flagging a user as a Role Owner in Access Controller makes them available to assign them as a Role Owner for either Access or Content Approval against a Role in BRM.
2.What is the reason of assigning APPROVER to a methodology in SPRO
This has been explained in one of the blogs that I wrote and I've stepped through the configuration and impact. It's to help drive the BRM logic to default an approver based on condition groups that you map
3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM
This one is a piece of code sitting behind the button (in simplest terms). It then calls the MSMP Role Approval workflow which you configure and choose which levels your want.
Within BRM, the Approvers tab has a Default Approvers. This one does not user MSMP but does use the APPROVER methodology in SPRO and the Condition Group table within NWBC to default approvers based on role content
4.How GRC identifies who is the role assignment approver?Is it the MSMP agent or ROLE OWNER in access management?
Role assignment (ARQ) approvals is based on the MSMP agents. There is a default agent rule for ARQ approval which is role owner. If that agent is chosen then the Role Approver information in BRM is used to pick the Agents
5.Do we always have to group roles by some condition group and can assign to only one owner?or we can use
separate owners for separate roles?
This depends on your design. Configuration use of condition groups is so you can consistently default role owners. You might decide you have a process owner (e.g. finance) so all roles that belong to the Finance business process would have the same role owner. You don't have to use the APPROVER configuration in SPRO and default approvals. Alternatively, you might decide you only want one role approver and therefore you configure a BRF+ rule that only returns one rule result for condition group. That way you can always default the same approver
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Somik,
1.What is the difference between the "Role Owner" in Access Management and "When we tick someone as role owner in Access Controllers"
Defining role owners in Access Controllers will gives information about list of owners/approvers are available to use for respective workflows
we can define N number of owners/approvers for role,FF,Risk,Mitigation etc
To define Role Owner to approve the role via workflow the approver should be defined in Access controllers link,then we can map the role owners with respective condition groups.
2.What is the reason of assigning APPROVER to a methodology in SPRO
Once we click to create role,depends on role type methodology will be populated in role management screen.
Depends on the methodology,approval workflow will be triggered,indirectly it takes condition groups from approver rule methodology.
3.Which workflow gets called when we click in "Initiate Approval" while creating a role in BRM
Its depends on selection of role attributes and condition groups mapping,approval will be triggered to approver.
Regards
Baithi
Hi Baithi,
Thanks a lot!
For point 2
Depends on the methodology,approval workflow will be triggered,indirectly it takes condition groups from approver rule methodology.
If we take example of the above screenshot where APPROVER is mapped to 2 and let's assume 2 is the methodology to build a single role,then do I also have to create other entries in same place for composite role and business role with the methodology?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.