Accepted Solutions (0)
Answers (2)
Dear Alessandro, One of the prime reasons of what ever foundation knowledge of GRC Access Control I know, is because of your blogs. They are coliseum and helpful. Thank You for that!
We encountered an precarious instance. Here it is { With Chart Screen Shot } : -
Activation of SAP provided risks for Business Process: - HR and Payroll for sensitive actions : -
Option 1: - If HR07 – HR Master data function is the only function which might cause a risk ( because of the actions and permission levels in this function ) then risk HRMD with Critical Action has to be activated.
Option 2: - If it is between A. Action and permission levels of one function HR03, B. Action and permission levels of another function HR06 & C. Action and permission levels levels of an additional function HR07 then risk types to be selected ( + activated ) will be: -
- Critical Action risk ID HRMD for function HR07
- Critical Action risk ID HRCT for function HR06
- SoD risk ID H001, H007, H008, H014, H015 for function HR03 have to be activated.
Which option has to be considered for activation. Will it be risk ID of Option 1 or risk id's of Option 2 ?
Your views on the process to be followed.
- Thanks
Bluesky| User | Count |
|---|---|
| 9 | |
| 8 | |
| 6 | |
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.