on 09-05-2013 8:19 AM
Hello Gurus,
We are following Business Role concept for provisioning....
Workflow we are maintaining for the New Request is Requestor -> Manager -> Role Owner-> Provisioning
Here Requestor will select the Business Role (Nothing but a Job Position) and submit the request.
After the Manager Approval... Role owner will do the risk analysis and if he wants to remove any technical role in the selected business
role... there is no option for that...
So please suggest.....how to remove a technical role from the selected business role by the role owner
Thanks,
Sriram
approver can reject the enitre business role , cannot reject any techinical role .
you need to redisgn business role accordingly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Sriram
You are talking about two process here .
1. Role lifecycle management (adding/removing single role from business role )
2. User access with roles .
and to answer your question you would not be able to reject at single role level in business role as what will happen to other user who have same business role ,they may still need that single role .
So i think thats per design ,
What you can do here is some single role is not required reject that buisness role and either create a new request or in the same request add those techncial roles which are missing .
I think solution need to be more process driven then tool,
Kind Regards
Asheesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI,
As per our customer, they want end user to select only the job positon and that position should contain all the single roles mapped. And one owner for approving the position so that all the single roles will be assigned.
but if we go for request template it will direct to multiple role owners.
If there is any remidiation required for the business role at the risk manager stage, we have no option to remove the single role from the business role.
so is there any other role type which satisfy my requirment and also please explain me the concept of role mapping.
Thanks,
Sriarm
As I said earlier, you can only approve the Business Role as a container, not the individual roles within etc.
Best thing to do is make your "Job Roles/Business Roles" SOD Free at role level (similar to Composite roles concept) , like any good Risk re-mediation concept. this could involve making your business role small in terms of technical roles assigned.
Hello Sriram,
sub-approval of the technical roles within the Business role is not possible (yet). I have also raised the same question to SAP and I don't think we shall be seeing this option any time soon.
My suggestion for achieving the approval scenario you want is to use the "request template" option (i know this defies the point of business roles, but this will allow you to approve individual technical roles etc).
hope this answers your question.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.