We are working with version 8.0 SP6 of SAP Identity Management.
IDM and GRC Access Control were integrated for risk analysis and mitigation when assigning S/4HANA system privileges to users.
When we assign at the same time two privileges (or more) of this system (S/4HANA) which generate a risk (when assigned to the same user) and must go through GRC for validation, we notice that the IDM approver receives only one request for a single role among the 2 assigned.
If the IDM approver chooses to validate the request he received:
- The 2 privileges are validated in IDM and the AC Request is sent to GRC (both are displayed in the GRC approver Interface)
If the IDM approver chooses to reject the request:
- The privilege that he received is rejected and therefore it has a “Rejected” status in IDM, but the other privilege goes directly to OK status without needing validation / rejection from the IDM approver.
We want the IDM approver to receive 2 requests for the 2 privileges assigned to manage them separately.
Is there anyone who has encountered the same problem before?
Could you please help us resolve this issue?