Once a role is sent for approval to Role Approval workflow, the approver must re-run the risk analysis and mitigate risks.
However, due to the design of the Role Approval workflow, customers will observe the following scenario:
- The risk analysis performed in the methodology step prior to submitting the role for approval, has been done for some risk types (Example: only for Critical Permission risk type), but not for all types of risk.
- The role is then submitted for approval.
- The approver reviews the request click on role link to open the role contents.
- In the role screen, approver goes to methodology phase "Analyze Access Risks" and is unable to perform new risk analysis on other risk types, as all the options are disabled.
- Also, the in the "View Results For" section, only analysis for risktype done prior to submitting the role for approval will be shown (Step 1). The approver will not see any results in the other risk types when changing the value in the "Type" drop down list.
SAP GRC Access Control 10.0
SAP GRC Access Control 10.1
Role Approval workflow, disabled, risk analysis, redo, re-do, re-run, rerun, violations, not able, other types, critical permission, critical action, action, permission, SAP_GRAC_ROLE_APPR, security role administrator, role admin, perform risk analysis during the approval of the role, check risk , KBA , GRC-SAC-BRM , Business Role Management , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.