Skip to Content
author's profile photo Former Member
Former Member

GRC AC 10.0 Role Owner can Approve owned role

SAP Gurus,

Could you please help me in the below scenario (GRC Access Control V10.0):

I want to configure such a way that ROLEOWNER should not be able to approve the role that he owns for himself.

Eg: Role1 approver is ROLEOWNER1.

If someone/Roleowner1 raises a request to assign the ROLE1 to ROLEOWNER1 then the roleowner1 should not be able to approve as the request is raised for himself. There should be an error message. Currently, we have the EUP setting set to "NO' for the Approve/Reject Own Requests setting. The result is we receive two messages:

1.)“You are not allowed to approve your own request” – Correct system response

2.) “Access Request XX is approved”- The request should not be approved in this situation, but does progress through workflow.

I would like to avoid using a custom agent rule, because role approvers at for my client change frequently. It works correctly for our Manager stage. If a user sets themselves as the manager, they are unable to approve at that stage.

Please advise. I will appreciate your help.

Thanks,

Ryan

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Oct 09, 2012 at 04:40 AM

    Hi Ryan and Pedro,

    Kindly implement the below SAP Note to resolve the issue.

    #1654981: UAM: Not able to set EUP Field 'Approve/Reject Own Requests'

    #1662253: UAM: EUP 'Approve/Reject Own Request' setting issues

    #1661313: UAM: Approve/Reject Own Request setting works

    Note: Please ignore the SAP note which you have already implemented.

    Regards,

    Shaily

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Oct 08, 2012 at 03:25 PM

    Hi,

    I am having the same Problem. Did you encounter a solution for this Issue?

    thanks!

    Pedro Nunes

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.