Skip to Content

Authorization for PC

Hi All,

Could you suggest the difference between 'Maintain Entity Role Assignment', 'Regulation Role assignment' and ' Maintain Custom agent determination rules'

How do i decide the entry in the above, for any Workflow



Add comment
10|10000 characters needed characters exceeded

2 Answers

  • Best Answer
    Posted on Jun 05, 2017 at 05:02 AM

    Hello Plaban,

    Entity level authorization is defined by using the authorization object GRFN_API within role definitions. However, these application roles are not assigned to users within transaction PFCG or SU01 but directly in the GRC application on the end user UI.

    You can refer to SAP note 1572360 for more details.

    Business events defined in 'Custom agent determination rules' are used where workflow is triggered

    Example-when an assessment is planned, before triggering workflow the system check if there is any relevant business event is defined or not.Based on that it will choose the relevant role and then the resposible user assigned to that role.



    Add comment
    10|10000 characters needed characters exceeded

  • Posted on Jun 08, 2017 at 02:50 AM

    Hi Rajeshwari,

    thanks for the note. it was indeed helpful. But, I think, the difference between, Entity role assignment and regulation role assignment is through the example below

    'Entity allows for access to entire Org unit, while Regulation role, allows access for a specific Org unit, identified by regulation.

    Add comment
    10|10000 characters needed characters exceeded