Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

GRC 10 MSMP workflows - Issue

Go to solution
Former Member

on ‎2014 Feb 21 1:31 AM

0 Likes
3,518

Hi All,

In GRC 10 when creating an access request, user will have an option to add ROLES and SYSTEMS. Here what is happening is if i add System line item, workflows are not working even though i have routing rule for system line items separately. I have tried in different ways and none worked out so far.

Has anyone implemented workflows having both ROLES and SYSTEM lineitems together and were succesful ?

What is the best practise while creating an access request? Just adding roles or both roles and System lineitems together?

Is there any option to remove SYSTEM option from ADD button available on access request screen ?

Things i have tried and one more consultant on this forum also had the same issue. Still couldn't crack solution for this

1. If you add both role and system as line item in access request, both has to have the approvers defined (custom agent or standard agent) otherwise the request goes to "Approver Missing" path

2. If you add approver to the system line item and when it is approved the whole request moves to next stage (it doesnt wait for the role line items to be approved)

3. Even if you add a routing rule to split the system line items from the request, the whole request is getting routed to the detour path

So in essence if you mix system and role in the line items, the system takes precedence and the whole request follows suit.

Experts please share your suggestions or ideas to make this work.

Thanks a lot in advance.

Regards,

Padmavathi.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
Former Member
‎2014 Feb 21 10:43 AM

Hello Padmavathi,

System is behaving correctly.

Let me explain this.

First of all adding system information is not required if you are not using business roles,or you are expecting a routing futher in the workflow or you have to set system validitiy for the user.

System information is automatically picked by GRC as soon as you add single or composite role (not in case of business roles) .

If still you have business requirement (like adding parmeters id whcih are system specific) to add system in request , you need have a routing rule as soon as request is submitted to spearate role and system else you will get the same responce as you mentioned.

In your situation you can have a first stage as dummy stage, have routing rule to spearate role and system and have escalation enable after 1 min at dummy stage so request is automaticlly forwarded after 1 min and routing rule get executed automatically .

By doing this only roles will ne avaible at first stage for approval and even if approver want to see complete request they can see that .there is one optio nat stage level to see complete request even instead you get what you have to approve .

Hope this helps..

Ashish

Show replies
Show replies
Former Member
‎2014 Feb 25 7:10 AM
0 Likes

Hi Ashish,

Can you help me on what basis i need to separate the LineItem SYSTEM from the request to different path?

If it is a role, i can define in my BRF+ decision table as If ROLE_NAME or ROLE_TYPE is X, then go to Y.

But for lineitem SYSTEM, how to define it?

Can i say if LINE_ITEM_KEY = SYSTEM or my RFC connector, then go to Y ? Am i correct?

Please help.

Regards,

Sai.

Former Member
‎2014 Feb 25 2:24 PM
0 Likes

use the GRACREQPROVITEM table, the column that you want is PROV_ITEM, ROL => role, SYS => system. The REQ_ID can be had by looking in table GRACREQ using the request number. So you are looking at 2 dblookups. Use PROV_ITEM as a column in the decision table and you're good to go!

Ask a Question