on 06-24-2008 8:48 AM
Hi,
Following is the scenario:
We have almost 10-15 company codes as:
1000
2000
3000
4000
5000
As per SODs, a person having access to a company code 1000 should not have access to other company codes for the assigned TCODES.
Lets say, if a user(User1) has access to company code 1000 should not have access to other company codes....2000,3000...
If I create org. rule for the same in CC, I would create in the following way:
-select the risk
-specify the Org level (here company code BUKRS)
-From :company code
-To: company code
-Search Type: condition (Not, AND, OR)
-Status:Enable / Disable
Following is the table looks like:
=============================================
Risk Org Level From To Srch Type Status
=============================================
Risk1 Company Code(BUKRS)1000 AND Enable
Risk1 Company Code(BUKRS)2000 OR Enable
Risk1 Company Code(BUKRS)3000 OR Enable
Risk1 Company Code(BUKRS)4000 OR Enable
Risk1 Company Code(BUKRS)5000 OR Enable
Then the same process continues for company code 2000
=============================================
Risk Org Level From To Srch Type Status
=============================================
Risk1 Company Code(BUKRS)2000 AND Enable
Risk1 Company Code(BUKRS)1000 OR Enable
Risk1 Company Code(BUKRS)3000 OR Enable
Risk1 Company Code(BUKRS)4000 OR Enable
Risk1 Company Code(BUKRS)5000 OR Enable
That means, for one company code you have to write remaining 4 records (1:4).
Is there any way by which can make this process easier since this is quite laberously job.
That would be a great help if I can do in this way.
Regards,
Faisal
Faisal-
I have implemented org rules for 2 of my clients, and I have not found an easier way to do what is required. You are doing it correctly to ensure the org rules are implemented right.
Yes, it is a very labor-intensive procedure...
Ankur
GRC Consultant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think this is the only way even i have learnt, although am very new to GRC implementation but so far i have not came across any work around to setup organizational Rules.
may be this process can be automated with ecatt, rather testing we can go for real scenarios. just an idea.
Best Regards,
Amol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.