on 12-17-2015 2:28 PM
Hello all,
I have a Firefighter for a specific tcode that allows maintenance of a configuration table, and I would like some of the Firefighters (users who access this Firefighter account) to actually receive login notifications just like the Controller does. Why? Because this account is shared by 5 people, and I would like them to all know when this particular configuration table is modified, and by whom.
However, GRC currently does not allow me to add someone as a Controller if they are currently assigned to the Firefighter account. I understand that this is a necessary control, but is there a workaround?
I do not have much experience with GRC Access Alerts, but maybe this would provide a solution? Any recommendations?
I've been thinking about notification agents in MSMP that would allow me to send a notification to the group, but this would take affect for all Firefighter accounts, and not just for the Firefighter account we are concerned about.
The main goal is to provide transparency and notification when this account is accessed.
Any advice or recommendations would be greatly appreciated.
Regards,
Ken
Hi Ken,
You may use BRF+ to define the agent rule for your log notification, where for the required FF ID the notification should go to a group of users and for rest to the controllers.
You may refer below article on BRF to give you an insight.
BRF plus Flate Rule - GRC Integration - Governance, Risk and Compliance - SCN Wiki
Thanks,
Priyanka
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Priyanka:
The LOGIN NOTIFICATION is not part of MSMP. Your notificaiton would work on the Log Review side.
Ken:
Thinking about your scenario, would you want this at the LOGIN time or at the LOG REVIEW time?
MSMP would be for Log Review and SUBMISSION may be an available event on the Global Parameters where Priyanka's suggestion would work.
You could use an Alerting process but you would need to have a specific risk created for the scenario you are trying to alert on but it would be for EVERY change to that table no matter who did it.
Thanks,
Kevin Tucholke
Principal Consultant
SAP America
Thanks, Kevin. Understood.
However, I have configured my access alert, and it is showing in my NWBC report, but I do not have any notification being sent to the risk owner. I have included "send notification" in the program execution for GRAC_ALERT_GENERATION, but I do not have any outbound messages in SOST for the alert. Currently investigating note 1728869, but wanted to check to see if you have had this issue before?
GRC 10.0 SP13
-Ken
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.