Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
Showing results for 
Search instead for 
Did you mean: 

Org Rule SOD risks @ User level not showing correct results.

Former Member
0 Kudos

Dear All

a. Create a 2 users having access to create & approve PO as per below matrix

User 1:

Role 1 - Create PO  for Purch  Grp 500

Role 2 – Approve PO for Purch Grp 400

User 2:

Role 3 – Create PO for Purch Grp 600

Role 4 – Approve PO for Purch Grp 600

Result : Now as usual the 2 user are showing as SOD users during the Permission level reporting.

GRC Setup :

a. @ function level of PR02 & PR04 the Auth field for EKGRP is made ACTIVE.

b. Create Organization rules as shown in the attached picture.


d. When the risk report on the user level with the Org rule included – the result screen shows blank screen without any risks at all.

Is any setting wrong? Pls advice



Former Member
0 Kudos

Dear All Any help on why i am unable to see risk reports @ Org rule level. Raju

0 Kudos

Dear Raju,

it seems to be correct. Did you check the OSS notes? What's your current SP level?

Please see:

Please also see my document regarding org rules:

Let me know.



0 Kudos

Hi Raju,

Have you replicated this scenario in sand box with single T-CODES as you mentioned above ? , I have done same here , but I am not even getting the risk at permission level as you said ( I checked with both combinations ME21N & ME29N  also with ME21N & ME28 ) , can you attach the screen shot of your risks at permission level ( Please send detailed report ) .

Process you are following is correct , that has to work , I believe you must have entered both ME28 & ME29N in your role 2&4 .

Please also attach screen shots of your functions at permission level .


Uma Shankar T

0 Kudos

Dear Uma

Thanks for response, Pls find the screen shots of the function settings & the p059 risk report shown during Permission level report only for the 2 users.

the same report shows blank when you consider the Org rule

I will now check if the same issue arises in different system


0 Kudos


the issue is in the org rule definition. I have just tested and your definition doesn't work. In the org rule definition change the condition to OR instead of AND.

See also my example with WERKS instead of EKGRP with condition OR:

Analysis with considering org rules:

When you join EKGRP 400, 500, 600 with AND that means that all values must be given to match the rule. In your case you want to have the risk reported when the org.

Do you understand what I mean?