on 07-11-2014 1:35 PM
Hello GRC Experts,
I have a following issue in my MSMP workflow:
I have created a MSMP workflow using detour Rule GRAC_MSMP_DETOUR_SODVIOL ar first stage. If an Access request contains SOD violations the request should be routed to Security stage. If works fine so far, but with one exception. We have requests which contain three roles, two of them have SODs and one is clean. I expect that only two roles which contain SOD should be routed to SOD path, and the role which is clean should go the normal path (No SOD path). However I am facing the situation that the whole request is routed to the SOD path and Security stage.
Do you have any idea how to solve this issue?
thank you in advance
best regards
Sabrina
Here are the screenshots from the MSMP workflow
Hi Sabrina,
we had exactly the same challenge - this is how we solve it:
- check parameter: 1073 Enable sod violations detour on risks from existing roles (recommended YES)
- routing level - make sure the stage settings (where your routing rule is executed) are set to "line item level" under MSMP Workflow configuration / Maintain paths/ maintain stage settings
Hope this helps,
Filip
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
as a general rule of thumb, for flexibility you need to ensure that your Initiator, Routing and custom Approval Agent rule is created as a BRFplus Line item by line item rule.
Also, as Filip has mentioned, have the routing of the stage at line item level.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.