Skip to Content
author's profile photo Former Member
Former Member

GRC AC 10 - Risk Analysis mandatory for scenarios wherein all roles rejected by an Approver.

Hi,

We have got a request from couple of client to implement a scenario wherein:

In case all roles rejected by role owner then risk analysis is not forced for user, as of information received its not possible to implement same set up in GRC AC 10(was possible in 5.3) but would like to comment if anyone have solution or have a comment from SAP directly.

Reject role is done at line role level but not at request level.

Its slightly difficult to explain customer wherein system is forcing risk analysis for cases wherein requestor have reject all role for which he/she is an approver.

Regards,

Nishant

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Jul 28, 2014 at 08:49 AM

    Hi Nishant,

    I believe that if the setting "Risk Analysis is Mandatory" is set to "Yes" within the stage setting, then in GRC 10.0 it forces you to perform the risk analysis before accepting the click of the "Submit" button. If one is not performed, then you get a message on the screen stating it is mandatory.

    If you are rejecting the whole request, then by pressing the "Reject" option from the "Other" option in the header, I don't think the system forces you to perform the risk analysis, but if you are rejecting the items at line level, then you have to press "Submit" button to proceed (hence it forces you to perform a risk analysis).

    I think this is why you are experiencing this behaviour. The Submit button is seen as a progression within the workflow (even if all items are rejected at line level), whilst the "Reject" option at the header level simply kills off the request. I have not seen or found a way round it, apart from not making the risk analysis mandatory at a stage within a workflow (which I believe is not a good idea to do in your case, or in any other workflow design where risk analysis should be double checked in a access request). Hope that helps.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi,

      Will wait for few days to get some more view over this thread, after that will create OSS (asking to provide feature as its in 5.3 or letting us know why cannot be implemented).

      @All : Whoever going through this discussion,please share your experience.

      Regards,

      Nishant

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.