Total Pageviews

Wednesday 2 July 2014

GRC 10.1 - BRM - Steps to Configure Role Methodology


Steps to Configure Role Methodology

This will explain the steps that needs to be follow which configuring Role Methodology. This will include teh following steps.
  1. Create BRF+ Rule.
  2. Assign Condition Group Type to BRF+.
  3. Define Role Methodology Process and Steps.
  4. Associate Role Methodology Process to Condition Group.
  5. Creating Role Approval Workflow.

Role MethodologyConfiguration Introduction

  1. Role Methodology is the process followed for role creation and maintenance operation
  2. It is an existing feature in Access Control
  3. The well defined role management process that aligns with the Organization policies of an Organization can be  configured in the Role Methodology
  4. The Methodology customizing steps like “BRF+ Rule Creation” and “Methodology Process Definition” are not necessary when the default methodology process is used for role creation
  5. These steps are required while creating customized methodology process
  6. BRF+ Rule Creation:
    Business Rules Framework plus (BRF plus) provides a comprehensive application programming interface (API) and user interface (UI) for defining and processing business rules
  7. BRF+ is the rule engine that evaluated the various attributes of the role
  8. Condition Groups link the BRF+ rules and the Role Methodology

Role Methodology Configuration Steps

Seting up Role Methodology
  1. Create BRF+ Rule
  2. Assign Condition Group Type tp BRF application and function
  3. Define Role methodology Process and step
  4. Associate Role Methodology Process to Condition Group

Create BRF+

  1. Create BRF+ Application and function for the Application
  2. Execute transaction SA38 and run the program GRAC_GENERATE_ERM_BRFRULE or select the option Generate BRF Plus Applications, Approvers and Methodology Functions
Define the BRF+ Application by giving Application name, Methodology Rule ID and Approvers Rule ID.
After executing the program verify the log for any errors. If errors are present, then they need to be fixed before proceeding to next step.
  1. Execute the TCODE: BRF+
  2. Select My Applications and search for the application that was just created
  3. Expand the Application and Function Nodes
Create a Decision Table by entering name and other related attributes
The decision table provides the rule for evaluation; so for each function, a decision table is required
 
 
Create Condition Columns for the Decision Table
Click Insert Column button and select From Context Data Objects
 
 
Select the conditions that need to be evaluated
Create Result Columns by clicking Insert Column from Data Object
Search for Result Column
Select Condition Group (GRAC_CNDGP) object from the search result
The result is the end product of the role execution
Review the conditions and results
Click OK to confirm the definition
By Defining the Conditions and Results the definition of the Decision Table is complete
 
Once the values for the Condition and Result Columns are defined, enter values for the Decision table used for rule execution
Click Insert New Row to create the values; enter values for the columns
Select Direct Value Input
Enter Value for the columns
Activate the Decision Table
 
 
Associate the Decision Table to Function by selecting it in the Top Expression of Function
Activate the function

Assign Condition Group Type to BRF+

1.Navigate to IMG by executing SPRO
2.Navigate to GRCà ACà Role Management
3.Select activity “Assign Condition Group to BRF+ Rules”
4. Select Condition Group Methodology
5.Enter the BRF+ Application and Function and save
 
 
 

Define Role Methodology Process and Steps

Select the Define Methodology Processes and Steps option under Role Management in IMG
Assign steps to Methodology Process
 
 
 

Associate Role Methodology Process to Condition Group

  1. Select the “Associate Role Methodology Process to Condition Group” option from the IMG customization

  2. Associate the Condition Group to the Methodology Process

    Creating Role Approval Workflow

         1.Role Approval Workflow needs to be maintained if Approval step is there in Role Creation methodology
2. The default workflow process can be used to set up Role Approval Workflow Process
3. Select the maintain MSMP Workflow option from IMG
4. Select the Role Approval Workflow Process from  Step 1 in the MSMP Workflow Configuration and open it in Change Mode
 

Creating Role Approval Workflow

Maintain the approver rules in the Maintain Rules step.
In Step 5, maintain the Stage settings and select the Agent ID as GRAC_ROLE_APPROVER or the approver rule create in BRF+
Save and activate the workflow
 

Posted by at

2 comments:

  1. Unknown2 November 2016 at 05:19

    Hi,

    What is significance of create/change request in create access request functionality of NWBC.

    Whether the workflow is followed after submission of Create/ Change role request type of Access Request or when Role is generated through role maintenance.

    Waiting for your kind reply.

    ReplyDelete
  2. Keerthi5511 November 2020 at 17:36

    Nice post..
    SAP mm training
    SSAS training
    SSIS training
    SSRS training
    tableau training
    Teradata training
    Windows admin training

    ReplyDelete

Subscribe to: Post Comments (Atom)