We have implemented GRC AC 10 & cleaned approx 67 SOD roles (permission level).
But these roles were cleaned in Sandbox system and now we plan to move them one by one to ERP landscape.
But in the mean time there were changes which were made to roles in the whole landscape and it has caused a "delta".
We would like to find it out and map the changes in the "Cleaned roles".
To do this we went to the ERP development system and found all the transport request related to ROLE changes which were imported to ERP Production system.
When we go to Tx: SUIM & select change document & select "Authorization data" it does give us information on changes made to the role the values under "NEW Value" is seen as "UNKNOWN" and Old value is "empty".
Is there any best practice to get clear information of which "Transaction" or "Authorization Object" or it's "Value" was changed ??
I am attaching an excelsheet which contains information from SUIM for a changed role.
If possible please go through it and provide me suggestion.
Thanks in advance.