cancel
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10.0 Role Owner can Approve owned role

Former Member
0 Kudos

SAP Gurus,

Could you please help me in the below scenario (GRC Access Control V10.0):

I want to configure such a way that ROLEOWNER should not be able to approve the role that he owns for himself.

Eg: Role1 approver is ROLEOWNER1.

If someone/Roleowner1 raises a request to assign the ROLE1 to ROLEOWNER1 then the roleowner1 should not be able to approve as the request is raised for himself. There should be an error message.  Currently, we have the EUP setting set to "NO' for the Approve/Reject Own Requests setting. The result is we receive two messages:

1.)“You are not allowed to approve your own request” – Correct system response

2.) “Access Request XX is approved”- The request should not be approved in this situation, but does progress through workflow.

I would like to avoid using a custom agent rule, because role approvers at for my client change frequently.  It works correctly for our Manager stage. If a user sets themselves as the manager, they are unable to approve at that stage.

Please advise. I will appreciate your help.

Thanks,

Ryan

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Ryan and Pedro,

Kindly implement the below SAP Note to resolve the issue.

#1654981: UAM: Not able to set EUP Field 'Approve/Reject Own Requests'

#1662253: UAM: EUP 'Approve/Reject Own Request' setting issues

#1661313: UAM: Approve/Reject Own Request setting works

Note: Please ignore the SAP note which you have already implemented.

Regards,

Shaily

Former Member
0 Kudos

Thanks Shaily,

that is the correct solution!

Pedro

Former Member
0 Kudos

Hi Shaily,

Would you happen to know the notes to fix similar issue in 10.1 to limit ff id owners and controllers from approving their own requests?

Any info will be very helpful.

Thank you

sushni

Former Member
0 Kudos

Hi,

I am having the same Problem. Did you encounter a solution for this Issue?

thanks!

Pedro Nunes