cancel
Showing results for 
Search instead for 
Did you mean: 

SAP GRC Access Control 10 - Risk Approval workflow notification

mmanara
Explorer
0 Kudos
495

Hi All,

we are on GRC Access Control 10 SP11.

We have activated the Risk approval WF. A user change a risk (e.g. set the status Inactive) and then, the owner of that risk receive the notification request to Approve or Reject.

I don't know if this workflow is thus by design or if some configuration is missing.  But when an approver open the Request (in order to approve or reject it) is really not clear what kind of change has been made on that risk by the requestor. Moreover although a request is approved the change at the risk, requested by the user, is not carried out.

Any experience on that?

Thanks.

Massimo

Accepted Solutions (1)

Accepted Solutions (1)

Colleen
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi Massimo

It seems to be the design of the RAR approval processes and how the data is stored. Looks like a lot of room for improvement if you compare Function and Risk WF process compared to UAR.

At the moment (and a few other posts on SCN mention for Function workflow):

  • You cannot see new Functions or Risks until they are approved
  • Unlike ERM/BRM, you cannot see which Functions and Risks are in New Phase, Awaiting Approval, Approved, etc
  • You cannot compare current changes to new
  • I don't think change documents are written until after approval

I suspect this is design. I still see use for it to ensure the Risk Manager (whoever) knows the risk matrix is being changed. Unfortunately, I think they need to open the screen and the workflow task to compare manually to see differences.

Former Member
0 Kudos

To add to what Colleen has written, my opinion of the Risk Definition Change Approval workflow is a very useful tool for on-going "Staying Clean" phases of the security life cycle, but in the current state of delivered design, it is not very helpful in displaying information within the request sent to the stage owner.

I would be interested in knowing if this is being improved for AC 10.1 (if that is what the next version is still being named). I know the Access Request Forms are meant to get overhauled also.

Former Member
0 Kudos

Hi Experts,

We are implementing GRC 10.1 and are facing problem in Risk Approval WF i.e when the Risk Owner receives the request after the request is submitted by User, he/she gets only forward option to act (However this action is nowhere defined in the configuration). When he/she clicks on this Forward Option, the system throws an error.For your information we have configured only standard WF only. Please provide your valuable inputs and thanks in advance.   

former_member204204
Active Participant
0 Kudos

HI Rajesh,

Check your stage settings you can control the actions there.

Regards,

Neeraj

Former Member
0 Kudos

Thanks for the reply Neeraj.

I have already stated that I have not opted for the forward button in stage settings.

(However this action is nowhere defined in the configuration).

My Function Approver WF is working fine. The Prob is only with Risk Approver, Whether I use Default functionality or customized using BRF+, result is same.

Moreover is there any way to update Risk Owners against Risks. I mean I have many Risk Owners within a Ruleset defined. Now I am not getting any idea how to Upload Risk Owners against their respective Risks. Updating these values directly into the GRACRISKOWNER table may not be a good idea.

Rajesh

Former Member
0 Kudos

go to MSMP, open the proccess ID for Risk approval workflow and make the changes in Modify task setting and check the checkbox "Approve"

Former Member
0 Kudos

For mass upload of the risk owner for risk please use the table - GRACSODRISKOWN

Former Member
0 Kudos

Thanks Ankit,

1. I have already maintained stage Settings as Approve." I have successfully completed Function Change and Mitigation Change WF wherein I am not facing any problems.

2. Can we update GRACSODRISKOWN directly or it has some dependencies associated.

Rajesh

Former Member
0 Kudos

yes you can directly updae the same ....as it is open and is used for this task only ...

Former Member
0 Kudos

Hi Ankit

Thanks for the information.

Any Idea about the Approver button Missing for Risk Maintenance Workflow.

I have configured everything in ARA, ARM, EAM, BRM  and is working fine except this one.

I have also raised this to SAP but still no response.

Rajesh

Answers (1)

Answers (1)

neerajmanocha
Product and Topic Expert
Product and Topic Expert
0 Kudos

There was a bug in this area and fixed under SAP Note 1934783 .

Hope this helps.

Thanks & Regards
Neeraj

Former Member
0 Kudos

Thanks for the information.

I will let you know the result once I implement this note or upgrade to SP5

Rajesh