Hello,
We have a Role which is existing in our GRC system for a long time, it has some 10+ tcodes in it, it was never shown a risk when assigned to a user, but during the business requirement, we have removed a t-code from it and moved that role to prod, after moving it to prod, it is showing risk for one t-code (function has only t-code, not permissions) for existing users, can someone please let us know why it was not showing any risk previously and showing all of sudden when a t-code was removed from the role.
Few points to remember -
1) Our GRC doesn't have ARM and BRM.
2) Risk was there and generated in GRC from a long time, but showing that risk now.
3) T-codes are not maintained in Menu, they are directly maintained through S_TCODE . (this role was created by some other org before we got this project in our hands and we are aware it is not a best practice).
Regards,
Naga506