Skip to Content

Business Roles : Disadvantages

Hi Everyone,

Need some suggestion on disadvantages of business roles, i can sense that implementing business role increases the complexity exponentially with respect to provisioning and de-provisioning . If a user needs a combination of business and technical role, adding a role and removing the single vs business roles becomes very complex if business roles share same single roles. Mostly business roles have some common transaction/single roles which increases the complexity. I can see that benefit is surely from end user request perspective but provisioning and revocation of access becomes challenging and if you have Enabler roles in the landscape, it becomes even more complex as we need Business as well as transactional role as requestible entity in the request. Can anyone share some best practices and help with reviewing the complexity I highlighted, also help if any IDM system is able to handle the provisioning/de-provisioning cleanly.

Thanks in advance !!

Karan

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Mar 01 at 04:09 PM

    Karan,

    SAP GRC AC Business Role Management is a concept introduced for the role governance process(with out BRM approvals/SOD analysis is manual).Beauty of the BRM is it will hold roles across multiple landscapes,impact analysis can be performed on the users and also BR's.Yes with GRC 12.0 we can integrate GRC AC BR to IDM BR,so that both systems will be in sync. Provision and deprovision users will be seamless,but regarding enablers you have to think about role mapping in BRM.we have reports available in GRC AC for User 2 BR 2 TR

    Thanks

    Ramesh

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 01 at 04:17 PM

    Refer to the following wiki

    BRM

    BRM2

    Forgot to mention we can enforce naming convention and also apply condition groups

    Thanks

    Ramesh

    Add comment
    10|10000 characters needed characters exceeded