Dear experts.
Regarding SAP GRC Business Role management we have the following scenario:
- Initially and in general for all the roles it is not necessary to have the following stages Analyze Risks / Derive Role /Request Approval.
- But for COMPOSITES roles is necessary the following scenario:
- To activate the stage Analyze Risk.
- After performing a risk analysis if there is risk and after pushing button Save & Continue, activate the Request Approval stage. If there is no risk, do not activate Request Approval stage.
So for this I have designed and implemented the following elements:
- BRF+ Application: Z_TEST_APP_NAME_METHO2. Please refer to first attached screenshots.
- BRF* Function: Z_TEST_METHODOLOGY2. Please refer to second attached screenshots.
- Decision table: Z_DECISION_TABLE_COM. Please refer to third attached screenshots.
There has been added two rules:
- If the role is a COMPOSITE role and after pushing button Save & Continue then go to Z_COND_COM. This condition group is assigned to a Methodology 3 (include Risk Analysis stage).This rule works perfectly! The stage appears after pushing button Save & Continue.
- If the role is a COMPOSITE AND the role has any kind of Risk ID (0*-9* or A*-B*) and after pushing button Save & Continue then go to ZCOND_COM2. This condition group is assigned to a Methodology 2 (include Request Approval stage). This rule does not work. Even there is a risk, after pushing Save & Continue the Request Approval does not appear.
I have simulated this two rules and seems working. At least the simulation returns Z_COND_COM or ZCOND_COM2 depending on the values I add.
- ConditionGroup1 --> Z_COND_COM --> This condition group is assigned to a Methodology 3 (include Risk Analysis stage) .
- ConditionGroup2 --> ZCOND_COM2 --> This condition group is assigned to a Methodology 2 (include Request Approval stage) .
Is it possible to identify if the role has a risk and then activate a new stage (Request approval)? Are we defining something wrong?
Please advise.
Many thanks in advanced.