Hi,
In GRC - NWBC, we have Master Data Work Center. Under Master Data we have defined the Organization, Process, Subprocesses and linked the associated controls.
Also under Master Data-Reports, we have "Risk and Control Matrix" where for any regulation we can generate Risk and Control matrix by Org/Process/Subprocess etc.
Now my issue is our control's team wants to restrict users by organization. So for example a person belonging to Order to Cash should not be able to see the job logs under monitoring tab in a control for any other Organization. This we have achieved through restricting access to GRFN_USER auth object and by assigning front end access to the user for Order to Cash.
But at the same time we want all the users to see "Risk and Control Matrix" for entire organization. But since we have restricted access to GRFN_USER auth object and provided front end access for a particuar org, user is restricted to that org in Risk and Control matrix report as well. Risk and Control matrix also checks access to GRFN_USER auth object. Thus we are not able to restrict Organization data at the same time give full access to Risk and Control Matrix.
So I want to know, if there is a way to deactivate auth check in a report. "Risk and Control Matrix" is a webdynpro application and want to know if we can maintain SU24 and update auth object GRFN_USER as "DO NOT CHECK"?
Or can we copy the report F7(Risk and Control Matrix) in SM34 VC_GRFNREPCUST and create new report where someway can we remove auth check from the report?
When we create new report, in SPRO we have to add it in following place to get it added in NWBC. Can we control authority check someway from here?
SPRO-GRC-General Setings-Maintain Authorizations for Application Links.
Thanks!!!
Abhishek