on 04-02-2015 1:03 PM
Hi SAP,
we are on GRC 10.0 SP 15.
could you kindly tell me, if there is any way to activate the "generation" step for business roles in brm?
I am confronted with the follwing issue: the business rule can be created with conflicts, because I have only the methodology step access risk anaysis available.
I did the configuration for the Condition Group+BRF+ etc. but the Methodology phase"Generation" didn't appear.
Thanks for the information.
Regards,
Manuela
Manuela:
Role Generation is NOT valid for GRC Business Roles. You must generate the single/derived technical roles individually. This is a process issue and requires that you understand that in your process these Business Roles should not have any conflicts and the role then needs to be adjusted.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Manuela,
Business Role is an efficient way of managing roles in an organization and model them based on a job function. Each business role represents a Job role or function and is associated to one or more related Technical Roles.
So, Once these technical roles are generated, they are just added to business roles which acts like a container.
So, For business Roles we can't have generate as a step in methodology.
Regards,
Deepak M
Hello,
You need to select the Generation step in methodology which is created for business roles
Define methology process and Steps
check below documents for some more information
Business Roles concept and usability in GRC AC10 - Governance, Risk and Compliance - SCN Wiki
Regards
Baithi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Baithi,
I know that documentation.
as I described before, I did the configuration for the Methodoolgy, but when I create a business role the steps aren't included.
I think, that SAP didn't programmed the generation step for business roles.
Or sombody of the community has this step active?
This methodology in the documentation "Business roles concept and usability" is in my eyes fake:
Maintain Authorization will never exist for a Business Role!!!
Hi Manuela,
Business role is just container in which roles from different systems can be grouped in to one business role and these roles just exist in GRC system only.
Role generation is for the roles which need to be generated in backend systems.
Basically you need to define a process in your project with respect to creation/maintenance of business roles and how to mitigate the risks in case of risk violations with business roles.
In our environment all business roles creation/maintenance is done by GRC support team and its their responsibility to make sure all business roles are risk free and in case of violations need to discuss with Role owners and should amend the changes accordingly.
Let me know if you have any queries.
Regards,
Madhu.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.