Skip to Content

Configure FFID Assignment workflow in GRC 10.1 using Decision table

Hi

We are in GRC 10.1 SP 15 and is integrated with SAP IDM. All role assignments happen through IDM but only for risk analysis purpose requests are flown to GRC.

BRF+ is configured accordingly using Procedure calls and Table operations and made use of process ID: SAP_GRAC_ACCESS_REQUEST

Now, my client wants to configure workflow for FFID assignment in GRC. This means we should make use of same Process ID: SAP_GRAC_ACCESS_REQUEST.

Please suggest/help if I add one more line item to BRF+ existing decision table with Request type and Rule Result as additional columns, will it route to the desired path? Is it recommended approach and does it disturb requests from IDM? Thank you.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Feb 26 at 08:41 AM

    Hello Surya,

    I understand that the Request Type should be used as input to the decision table of the initiator rule. If it is type 6 - Superuser Access, then the rule result will trigger the correct path, based on your MSMP configuration (Step 5 - Maintain Paths).

    It won't disturb the requests for IDM (considering that the request type is different and also checked in the decision table).

    You may need to define that type in SPRO > IMG > GRC > AC > User Provisioning > Define Request Type.

    Cheers,
    Gustavo

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Surya,

      You can set the first row of the decision table for request type 006 - Superuser. Then it can be blank for the other rows(IDM).

      If you need to know the request type for IDM, check in SPRO > IMG > GRC > AC > User Provisioning > Define Request Type.

      Cheers,
      Gustavo

  • Feb 27 at 05:33 PM

    Hi Surya,

    Yes I agree with Gustavo, If the DT has the right Request type and the rule to be triggered, it should not be problem to enable workflow for FF requests.We have the same scenario and its working fine.

    Thanks

    Ramesh

    Add comment
    10|10000 characters needed characters exceeded