Apr 04, 2013 at 08:38 AM
SoD-User level analysis Permission level - Detailed report Issue (GRC 10 SP09)
HI All,
We are running on SP09. We have two fucntions as below
Fucntion ID Transaction Object Field Low High Condition Active/Inactive Func 1 F.80 F_BKPF_BUK ACTVT 01 02 AND Active Func 1 F.80 F_BKPF_KOA ACTVT 01AND Active Func 1 F.80 F_BKPF_KOA KOART S
AND Active Func 1 F.80 S_PROGRAM P_ACTION SUBMIT
AND Active Func 1 F.80 S_PROGRAM P_GROUP F_003
AND Active Func 2 FS00 F_SKA1_BES ACTVT 01 02 OR Active Func 2 FS00 F_SKA1_BES ACTVT 05 06 OR Active Func 2 FS00 F_SKA1_BUK ACTVT 01 02 OR Active Func 2 FS00 F_SKA1_BUK ACTVT 05 06 OR Active
Rule should be all the permissions of Function 1 along with any of the permissions of Function 2 together should be a risk.
But we are having a issue which is explained below.
If a role just have S_PROGRAM --> P_ACTION --> SUBMIT with no other values defined in function 1 this is getting pulled in User level detailed SoD analysis.
I am working to find any SAP note for the same, dropping this message if anyone can help me on this.
Please reply back if you need any further clarification on the issue.
Thanks,
Sravan