Hi Anil -
First let me apologize for not replying to your original post on my other thread, I was tied up with a customer. I did see it though and intended to provide feedback before you removed your question.
As Samnukh has suggested, I believe your configuration can be simplified by using the workflow with the initiator going to the Default path. I don't believe a No SoD Path is necessary based on my understanding of your requirements.
Here is my recommendation:
In Step 5 (Maintain Paths) create two paths:
1) Default Path (GRAC_DEFAULT_PATH)
2) Custom Security Path (Z### some name: ZGRAC_SEC_PATH).
In path 1) define the Role Owner and for 'Routing Enabled' column define value of 'Yes' with the Rule ID {GRAC_MSMP_DETOUR_SODVIOL} routing rule.
In path 2) define the Security team (you can create a user group in GRC and assign the security users to it) but in this path, no routing rules are necessary - 'Routing Enabled' = NO.
Define any necessay stage configuratin for both.
In Step 6 (Maintain Route Mapping):
1) Use Rule ID GRAC_AR_INITIATOR to map to the Path ID GRAC_DEFAULT_PATH.
2) Define the Rule ID GRAC_MSMP_DETOUR_SODVIOL rule ID FROM 'GRAC_DEFAULT_PATH' at stage # (whatever you set the stage number to be for Default path - Role Owner stage)
TO Path ID 'ZGRAC_SEC_PATH'
In Step 7 (Generate the Versions)
----------------------------------------------------------------
What this should do is send all requests down the Default path to the Role Owner and then on Approval it will check if there are SoD's. If No SoD then it will be Provisioned and the workflow will Close.
If there are SoD's in the request, it will route after the Role Owner approval to the Security Path where the security team will receive the request for review.
After they Approve the request, it will be Provisioned and the workflow will Close.
I hope I understood your question correctly, but if not please let me know. This should work for what you are trying to do.
Also you may want to setup Step 1 (Process Global Settings) - Escape Conditions at the bottom of that page in cases where an Approver is not found or there is an Auto-provisioning failure. You could define a new path for a team to catch these types of request and on the stage use the 'Forwarding' functionality to put the request back on track if a Approver is not found.
If you have any follow up questions, let me know.
Darnell