- SAP Community
- Products and Technology
- Additional Q&A
- How do you Run Risk Analysis on more than one open...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
How do you Run Risk Analysis on more than one open requests for same user?
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 06-17-2015 6:07 PM
For example, User1 requests RoleA and RoleB together a single request. The Risk analysis is run against both roles.
Then say later on, the User1 requests another role. So they proceed to request RoleC. Now there are 2 separate requests in GRC.
So how can these 2 separate requests be grouped automatically during the Run Risk Analysis?
To clarify further, if a role owner has to run the risk analysis on RoleA, the system will take RoleB into consideration because it's on the same requests but how do we force any and all other open requests to be processed in the RA for the same user?
Thank you
Jon
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
SAP IDM does have it's benefits. In addition to SAP ABAP and Java provisioning, IDM allows you to provision to non SAP systems like Active Directory, HANA, Operating Systems, Databases, Email Servers and other various Cloud Services. It's very customizable.
After discussing with my GRC team, the limiting of a single open request per system would not be effective in our large landscape. They mentioned several unintended consequences with the biggest concern of how long open requests take to fulfill.
So this issue of In Process GRC requests was an issue here when we used CUP and would still be an issue with ARM.
Granted multiple Business Roles were grouped in CUP when requested at the same time, but we still had users request business roles over time that were in flight resulting in multiple in process requests.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Jonathon Sells wrote:
After discussing with my GRC team, the limiting of a single open request per system would not be effective in our large landscape. They mentioned several unintended consequences with the biggest concern of how long open requests take to fulfill.
Jon,
Why does it take so long for requests to go through your approval process? Not enough role approvers/ lack of backup role approvers? Easily correctable. Role approval required for many roles that are display only/ not really sensitive? Not difficult to remedy. Role approvers sit on the requests too long? Funny thing is, when the managers and requesters start calling up the role approvers and asking them what the heck is taking so long for them to make a decision, role approvers start taking action on requests more timely. What else causes slow processing of requests? We have found that a lot of it is training issues, and most of our multi-system GRC requests are closed and provisioned in 24 hours or less, unless there are SOD exceptions to be mitigated.
Cheers,
Gretchen
- Enabling Stories in People Analytics: Transforming Data into Insights in Human Capital Management Blogs by Members
- Securing Your Data with Data Access Controls in Datasphere in Technology Blogs by Members
- SAP BTP FAQs - Part 4 (DevOps) in Technology Blogs by SAP
- SAP PO to Integration Suite | Migration Assessment Tool in Technology Blogs by Members
- RISE with Innovation and Sustainability in Technology Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.