Skip to Content
avatar image
Former Member

GRC 10.1 - How to create a new path?

Hi Experts,

I am trying to create a new path in the existing access request workflow with a new path for risk analysis and may be create a new stage called risk analysis. Need risk analysis to run whenever a request is submitted for change account or new account in IDM. I need it to be set to no approval required, no escalations and no wait for this path. Any guidance will be greatly appreciated.

We will be using Oracle IDM for provisioning users to our SAP and non sap systems. We want to use GRC 10.1 to run the risk analysis for the sap requests submitted through IDM and send it back to IDM.

Thank you for all your help.

Regards,

Kiran

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    May 20, 2015 at 05:21 AM

    Hi Kiran,

    do not give any stage in the path, as there will be no approval required. set 2038 as yes

    i am not aware about config. of GRC sending requests back to IDM, after path

    Regards

    plaban

    Add comment
    10|10000 characters needed characters exceeded

  • May 20, 2015 at 07:18 AM

    Hi Kiran,

    how about setting up risk analysis in background after request submission? Please check the following note: http://service.sap.com/sap/support/notes/2147371

    For the integration with IDM you should check some other documents that are helpful in this regard. E.g.

    http://scn.sap.com/community/idm/blog/2013/04/03/understanding-the-idm-72--grc10-interface

    If you only run risk analysis in GRC (but no access request) you can directly call the risk analysis (simulation actually) and therefore you do not need to configure the access request workflow.

    Hope this helps.


    Regards,

    Alessandro

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Alessandro,

      What you mean call the risk analysis? Please can you elaborate? How can we do that?

      One thought is to execute the function module GRAC_IDM_RISK_WITH_NO_SERVICESthrough the webservices . so basically IDM triggers this function module whenever a request is process in idm to get the risk analysis results and takes it back to determine the next router of action.

      Is that what you are referring to? Does that make sense?

      Thank you.

      Regards,

      Kiran