Solved: Split of an Access Request in GRC

Former Member · ‎07-11-2014

Hello GRC Experts,

I have a following issue in my MSMP workflow:

I have created a MSMP workflow using detour Rule GRAC_MSMP_DETOUR_SODVIOL ar first stage. If an Access request contains SOD violations the request should be routed to Security stage. If works fine so far, but with one exception. We have requests which contain three roles, two of them have SODs and one is clean. I expect that only two roles which contain SOD should be routed to SOD path, and the role which is clean should go the normal path (No SOD path). However I am facing the situation that the whole request is routed to the SOD path and Security stage.

Do you have any idea how to solve this issue?

thank you in advance

best regards

Sabrina

Here are the screenshots from the MSMP workflow

FilipGRC · ‎07-11-2014

Hi Sabrina,

we had exactly the same challenge - this is how we solve it:

- check parameter: 1073 Enable sod violations detour on risks from existing roles (recommended YES)

- routing level - make sure the stage settings (where your routing rule is executed) are set to "line item level" under MSMP Workflow configuration / Maintain paths/ maintain stage settings

Hope this helps,

Filip

Former Member · ‎07-25-2014

as a general rule of thumb, for flexibility you need to ensure that your Initiator, Routing and custom Approval Agent rule is created as a BRFplus Line item by line item rule.

Also, as Filip has mentioned, have the routing of the stage at line item level.

Split of an Access Request in GRC

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Re: ASEGURAMIENTO DE TABLAS

Re: Getting error while Creating role in BRM

Re: How to enable the add, delete,edit system on s...

Re: CJS-30252 Running priviledged function stop of...

Successfactors login issue.