Skip to Content
0
Oct 20, 2019 at 01:08 PM

SAP GRC Rule Design Check in connected SAP systems

138 Views

Dear Gurus,

I may sound foolish by asking this samplar design scenario. Let say i have a GRC design as followed (NOT an SOD)
S_TCODE: SE38
AND
S_DEVELOP: ACTVT - 03
AND ACTVT - 16
AND OBJTYPE - PROG

In a role following way the authorizations are defined
S_TCODE: SE38
AND
S_DEVELOP: ACTVT - 03
AND OBJTYPE - PROG other authorization objects with any values
AND
S_DEVELOP : ACTVT - 16
AND OBJTYPE - PROG
Both S_DEVELOP have different authorization objects profile but part of the same role.
When rule design is checked, will this role show up. If so, how SAP is reaching to conclusion that ACTVT 16 and 03 here are in AND relationship when the authorization object profile itself is different.