cancel
Showing results for 
Search instead for 
Did you mean: 

Risk Owners approval using ABAP Function class

Former Member
0 Kudos

Dear All

I have implemented ABAP function class ZCL_GRAC_WFA_RISK_OWNER to identify the risk owners once the role approval is done, the Workflow is working fine with one exception.

My scenario is like this - i have mapped P059 risks to PR risk approver coming from PR role, S007 risks is mapped to SD risk approver coming from SD role, so when the role owner have approved both the roles, i would like to send seperate risk approval requests to 2 diff risk approvers as per my mapping.

But currently P059 & S007 risks are routed to both approvers at the same time & when one of them approves the risks - both risks get approved & provisioning is taking place.

i would like 2 risk approval to be put in place - any idea on how to acheive this?

Naveen

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member110782
Discoverer
0 Kudos

Hi all,

We also have the problem when we implemented the note Note 1670504 - AC 10.0 Risk Owner Wokrflow Agent (Version 19 from 2019).

We have one role with 2 risks from two different approvers.

The risks are routed correctly to the approvers as it should be. Both approvers see the same role in the request--> it is still correct. But when one risk approver approves, the role (and also both risks) get approved and provisioning is taking place.

It should be, that both risk approvers have to approve or rather disapprove. Then the provisioning can taking place (or not if disapprove).

Should it work with BRF+ rule, when one role has different risks from different approvers?

Best regards,

Nhung

Former Member
0 Kudos

Hi All,

I am facing the same issue as above. Can you please let me know how you handled this issue?

Thanks

plaban_sahoo6
Contributor
0 Kudos

Hi,

Any approver or All approver is not the solution. Bu Approval at level of Role or Request is.However the note says, that all Risk owners will be sent all risks, which is not desirable.

So, the best approach is to use custom  BRF+ rule and route it to specific risk owners.

Regards

plaban

Former Member
0 Kudos

The attached ABAP code needs to be looked at, this should only send that particular risk to its applicable risk owner only. This should work correctly if your risks have correctly defined risk owners against each risk presently in the request stage.



Have your ABAP person cross verify the code - this is already available in the class delivered via the referred note. Good luck!

former_member184114
Active Contributor
0 Kudos

Naveen,

Can you check stage settings of after routing the risk? I believe you can set here "approve all" or "any one approve"

kindly check, hope this is what you are looking for.

Regards,

Faisal

Former Member
0 Kudos

Dear Faisal

thank you for response, i have checked with both settings, found no difference.

I believe since the ABAP class sends both risks as a single item & not as a line item by line item  - hence at Risk approval stage - the Risk owner from SD can see both P059, S007 risks & vice versa, so when one risk owner commits to approve - both risks are approved by default.

need to check if tweaking the abap code will solve this issue?

Naveen

Former Member
0 Kudos

Hi Naveen,

I presume you implemented the ABAP function class mentioned in SAP note 1670504.

Within the access request, the individual line items are considered as the roles, but when a role contains a different number of risks ranging from different Business Processes (i.e. SD, MM, FI) then that specific line item will be sent to all the different owners pertaining to the risks within that specific role.

The issue you are facing is that your stage approval level may be "any one approver" therefore whoever approves their risk first, it is approving and accepting all the other risks on behalf of all the other risk owners also.

Former Member
0 Kudos

Dear Hari

Thanks for your response.. Yes i have implemented the note 1670504..

As mentioned earlier i have checked my Risk approval Stage setting with both options "ALL APPROVERS" & "ANY ONE APPROVER"

but still when one of the risk owner approves all the risks are get approved & the provisioning is completed.

PFA

Do let me know if you have any more options.

Naveen

Former Member
0 Kudos

Hi Naveen,

Thanks for the screenshot. In theory what should happen in your case is that if a role contains a FI risk, a SD risk and a Basis risk, then the role should be approved by "ALL" the risk owners for those respective risks.

However, you are saying that if any one of them approves the request, the line item is approved and pushed forward into the path/workflow. I am assuming that you have managed to re-activate the workflow with the new agent assigned and you did create a brand new request after the MSMP activation.

I tried this class a few years ago on SP07 (using your settings) and I did not experience the behaviour you have observed.

What Support Pack and GRC version are you on? I am wondering if you are using 10.1. This Function Class may not be totally compatible with 10.1.

mamoonr
Active Participant
0 Kudos

Hi Murthy,

As I can see from screen this is GRC 10.1

Are you able to use this Risk Owner Agent for 10.1 as I am unable to use this agent.I implemented the same code in our system(10.1) but MSMP throws error that agent not found.

Please confirm.

Regards,

Mamoon

Former Member
0 Kudos

Dear Mamoon

Pls check have you defined risk owner information (User ID) for the individual GRC risks.

this will solve your issue.

Naveen

mamoonr
Active Participant
0 Kudos

Hi Naveen,

This has already been taken care.Is there any other thing that I need to check.

Thanks,

mamoon