Skip to Content
avatar image
Former Member

Determining the Pending Approver(s) for a CUP Request

Hi GRC Forum,

We use GRC CUP 5.3 SP8 for provisioning account in SAP. We are gathering the Role owner approvals in CUP and the account gets automatically provisioned once all approvals are done in CUP.

We have a challenge in rightly identifying the pending approvals for a CUP request. When you search for a request and view it, the ' Approval Path Status" section shows all approvers that the system had identified in the request path. We have a single stage approval path and when the request contains multiple Roles, it's difficult to find the approver the request is now waiting on especially when some Role owners have already approved their roles.

Further, the Roles/Profiles section too is confusing to the fact that it displays all Roles to be approved(with a green check) though they might not be approved yet.

The only alternative that we have found till now is to check the audit trail to see the roles that are said to be approved. But this also poses another conflicting audit trail part that if the approver choose to add some roles while he approves his roles, they also are stated to be approved. But in fact they are only added and will need to get the approvals from the respective owners later.

Has anybody come across a clear method to identify the pending approvers for a CUP request? Thanks for any hints,

Regards

Anil

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • avatar image
    Former Member
    Jun 16, 2010 at 05:55 PM

    Anil,

    We have been using GRC-AC AE for a while and have not come up with a better process that what you are doing already. We are on v5.3 SP11.1 and I have not seen anything that would indicate that the gap in reporting you mentioned is fixed.

    I would recommend a SAP Msg requesting an enhancement.

    -john

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jan 06, 2012 at 08:35 PM

    Hi Anil,

    the Audit log can be cumbersome when there are many approvers in a request.

    What I do with my account that has the AC_ADMIN portal role is:

    1)under the configuration tab navigate to request => Administration

    2)enter the request number to search for ( the results will tell you what stage the request is in)

    3) click into the request

    4) click on the forward request button

    At the top of the screen you will see all pending approvers for the current stage. If the person is no longer the valid approver for this part of the request you can forward it on to the right person by continuing on. Be careful with the forward with return vs. forward w/o return. My rule of thumb is if there are two pending approvers for the stage forward with return otherwise do not have it return.

    if the person is temproarily out of the office and you need to forward all approvals to a delegate use Approver Delegation (located just above the Administration link you clicked into earlier)

    The Audit log is helpfull when trying to determine if you have a mapping confilct.

    Regards,

    Brian

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jan 08, 2012 at 04:52 AM

    Hello,

    There's always a solution if you work at database level.

    For example, you can find all open request first (working with table VIRSA_AE_RQ_HST, looking for REQNO's without CLOSED ACTION_VALUE)

    If you send e-mails to approvers, and a request is open, you have to find the last e-mail sent for this request (work with table VIRSA_AE_EMLLOG), you'll find the pending approver e-mail then.

    If you have more than one approver at a single stage it's more complicated, but anyways using data available in table VIRSA_AE_RQ_HS should be possible.I mean, you have to create a customized query(s),maybe someone figures out the query code...

    Cheers,

    Diego.

    Edited by: Diego I. Yaryura on Jan 8, 2012 8:25 PM

    Add comment
    10|10000 characters needed characters exceeded