Skip to Content

Authorization for PC

Jun 04, 2017 at 10:24 AM


avatar image

Hi All,

Could you suggest the difference between 'Maintain Entity Role Assignment', 'Regulation Role assignment' and ' Maintain Custom agent determination rules'

How do i decide the entry in the above, for any Workflow



10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Best Answer
Rajeshwari Akkamgari
Jun 05, 2017 at 05:02 AM

Hello Plaban,

Entity level authorization is defined by using the authorization object GRFN_API within role definitions. However, these application roles are not assigned to users within transaction PFCG or SU01 but directly in the GRC application on the end user UI.

You can refer to SAP note 1572360 for more details.

Business events defined in 'Custom agent determination rules' are used where workflow is triggered

Example-when an assessment is planned, before triggering workflow the system check if there is any relevant business event is defined or not.Based on that it will choose the relevant role and then the resposible user assigned to that role.



10 |10000 characters needed characters left characters exceeded
plaban sahoo Jun 08, 2017 at 02:50 AM

Hi Rajeshwari,

thanks for the note. it was indeed helpful. But, I think, the difference between, Entity role assignment and regulation role assignment is through the example below

'Entity allows for access to entire Org unit, while Regulation role, allows access for a specific Org unit, identified by regulation.

10 |10000 characters needed characters left characters exceeded