on 04-27-2015 4:49 PM
All,
Is there a current method for generating a User violation report that shows all SOD's via the technical role and which Business role that, the Technical role is associated to in GRC?
Currently the reports that I am seeing do provide the transaction, authorization, and technical role level of any violation and what business process triggered it but does not show which business role(s) that these conflicting SOD's reside in. (especially if a user is assigned to 2 or more business roles)
Audit is pulling reports of users with SOD's and asking to re-mediate the SOD but currently we have to do dumps of all of the business roles a user is assigned to and then compare the role listed in the violation with the technical roles listed in the assigned business roles of the user.
is this available at all? or maybe in 10.1?
Dear Michael,
you can switch to "Detail View" so that you see the roles where the transactions/authorizations coming from.
Also see note: http://service.sap.com/sap/support/notes/2050822
Does that answer your question?
Best regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for the Response Alessandro:
I already had the Technical role details from the backend, what I am looking for is which Business Role that those technical roles are found in that the user is assigned to.
in your screen shoot you see two tabs...Role/Profile and Composite.
What I am looking for is another tab next to those that is Business Role. (photo-shopped a picture to show example)
Dear Michael,
yes exactly - the new feature comes with the note. It is also possible to implement this note in 10.0 (it's included in SP17 but can be implemented earlier).
See the following screenshot how it looks like in an productive environment after implementing this note:
[BR] stands for Business Role.
Hope this answer the question.
Bestregards,
Alesandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.