on 09-22-2015 7:43 AM
Hi All,
In one of our implementations we have found that there is a SAP GRC product gap where there is a potential risk which allows users to get access to a role having SOD risk violations. We have raised this issue to SAP as a product vulnerability, and now the product team is looking into this and has requested us to put this in Ideas Place as well.
Below is the link to the issue we reported:
Concurrent Role Maintenance and Access Request can cause SoD violation : View Idea
Just wanted to know other experts' opinions and their inputs in addressing this issue, and also wanted to know if they have ever come across this issue during their implementations.
Looking forward to hearing from all of you, as well as your support on getting this vulnerability fixed by SAP.
Thanks & Regards,
Madhu Sai.
Hi Madhu,
I have the below suggestions on your 3 recommendations:
1. Risk analysis mandatory can be set (at stage level) to YES, so that even if 1071 is yes, the approver has to perform risk analysis. However, this suffices only if this is the last stage before provisioning and the approver submits the request immediately after doing risk analysis. In addition, you have to remove 'Request mitigation policy' from SPRO ->..->Maintain AC applications and BRFplus Function mapping.
I will look into the other recommendations and will try to provide my feedback.
Regards
plaban