cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC PC Org level Admin for different locations

Former Member

on ‎01-16-2016 4:39 AM

0 Kudos

Hi Gurus,

We have a requirement where we need to restrict Org Admins by different geogerphies like Asia , Europe etc.

These admins can view the whole Org but admins of Asia and Aust. can only be able to assign local controls and tester to only under there orgs but cant change the master data while admins from US and Europe can only change there respective org master data and assign testers to these org.

We are on 10.1.

Any suggestions?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

tobias_sieg
Explorer
‎01-20-2016 11:36 AM
0 Kudos

Hey Aryendra,

have you checked whether the 2nd Level authorization concept (Security guide chapter 5.1) may be can a solution for your issue?

I think that should work!

Regards

Tobias

Show replies
Show replies
Former Member
‎01-20-2016 4:00 PM
0 Kudos

Thanks Tobias, As per my understanding 2nd level can only restrict user pool to be selected for Process owner or tester.

How this can restrict users and Org admins to particular orgs like Asia or Europe?

tobias_sieg
Explorer
‎01-21-2016 1:04 PM
0 Kudos

Hey Aryendra,

in the GRC backend in the PFCG you have different roles for different tasks wich you can assign to the user. Additionally you must assign specific users (with this roles) to a specific organization or company (as well as processes and controls) which you have created in the org structure. Go to NWBC into Access Management, then GRC Role Assignment and then Organizations. Here you can add an user which is responsible for a specific organization. But it depends on your org structure. You can also work with zentral or local master data. So an local user can only change local master data but not globaly.

I hope this helps

Tobias

Former Member
‎01-21-2016 2:24 PM
0 Kudos

Hi Tobias,

Thanks, yes this is the basic understanding for PC security. However if you can please read the requirement it says that we need different Org Admin with different rights, as this is a global company.

Former Member
‎01-19-2016 11:50 PM
0 Kudos

Any inputs of any kind,

Do we have functionality in GRC PC to restrict on different Org or Process level at all like in SAP on different plants? Or its just that we can restrict only vertically on all org and all process-sub-process level only and not on different values of Org and process.

Can anyone please clarify this?

Show replies
Show replies
Ask a Question