cancel
Showing results for 
Search instead for 
Did you mean: 

Stop request number generation for incorrect requests (No Rule result) - SAP GRC AC 12 SP09

0 Kudos
371

Hello Experts,

Is there any possibility to stop requests getting submitted for requests which don't have a rule result value.

I don't want these requests submitted and then in the audit log shown as failed (would like to see "Path not found error" at the time of submission itself)

I am in GRC 12 SP09

Accepted Solutions (0)

Answers (1)

Answers (1)

Monsores
Active Participant
0 Kudos

Hi Sankaranarayanan.

It is not possible, unfortunately. Rules are processed just after the request has been submitted.

A good option to deal with it is to create a "catch all" rule in your initiator to drive requests that have not been covered by the previous rules and drive them to an alternate path (like your escape route, for example).

Regards,

Marcelo Monsores

0 Kudos

Hi Marcelo

Thanks for your time looking into this issue! But i would like to avoid manual effort being spent. If it allows request submission, the team who submits don't know whether they submitted it correctly or not. Post submission, they need to validate logs to re-submit the request correctly which i would like to avoid. hope you understand my concern.

Thanks

Monsores
Active Participant
0 Kudos

Hi Sankaranarayanan.

I understand your concern and it would really be useful to have this validation before request is submitted. But without some coding it is not possible, unfortunately.

I cannot imagine a better way to deal with these failed requests than having the "catch all" rule to move them to an exception path. The next action in this case shouldn't be with the person who submitted the access request but with your GRC Team, that should check what happened. No request items are expected to be not covered by your initiator rules. So, if it happens, these rules probably need some adjustment. Or maybe some roles, systems or FF IDs that shouldn't be available in GRC were requested. But in both cases it seems to me that your GRC Team would need to act to fix the root cause.

But it is just my point of view. Maybe if you can give more details about why your requests are failing we can try to think about other possibilities.

Regards,

Marcelo Monsores