cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Impact Analysis as Default

Go to solution
Former Member

on ‎09-17-2016 4:40 PM

0 Kudos

Hi Experts,

I would like that if my end user submits a request, that only the risks in my request are analysed and not the user. From what I have seen, that is only possible if my analysis type is "Impact Analysis". Is it possible to  default risk analysis as impact analysis on request submission in sap grc?

I searched a lot but I couldn´t find a proper solution.

Just as an example:

I submitted a request where both roles have no risk, so my request should go to the Auto approve path:

However the user which I want to assign the two roles has a lot of risks associate, so the workflow goes to the Risk Owner of each risk that the user has.

So how can I specify my impact analysis as my default risk analysis?

Thank you for your help.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alessandr0
Active Contributor
‎09-17-2016 7:56 PM
0 Kudos

Dear Vasco,

did you try to disable parameter 1073 (to NO)? Then it actually should only analyze the access that is present in the access request.

Regards,

Alessandro

Show replies
Show replies
Former Member
‎09-19-2016 9:40 AM
0 Kudos

Dear Alessandro,

Thank you for the tip. I setted the parameter 1073 as "NO" and now when I select the simulation button it shows no risks. However the problem still exists.

Basically, when the user submits the request, there should be automatically a risk analysis, if there is no risk, then the request should be automatically approved, otherwise it should go the risk approver. From my research, although i set the parameter 1073 to NO, the risk analysis tab will always consider the user current roles and risks. So I can have a request with no risk but the final user has risk, so it will always go to the risk approver.

Isn´t it possible to default the analysis type to Impact Analysis?

thank you

alessandr0
Active Contributor
‎09-19-2016 2:43 PM
0 Kudos

Vasco,

the impact analysis is a feature from BRM - I don't think that it can be used in ARM.

Regarding your issue - to be honest I do not get the point why actual roles (existing assignments) of a user should not be analyzed together with the new roles. That's basically the impact analysis of what would happen if the new roles get assigned along with the roles that are already assigned. From a compliance point of view that makes also sense.

To activate the automatic risk analysis you can set parameter 1071 to ASYNCH so that it runs in background after request submission. Based on results you can then either route the request to no approval (an empty path) or approval required (path with stages).

Hope this helps.

Regards,

Alessandro

Answers (0)

Ask a Question