We have second level authorization enabled and if a user that is being delegated a task does not have the necessary authorizations, a warning should be given to the user creating the delegation.
Business users will have no idea if a user does, or does not have the authority to complete a task, so the system should check to see if second level authorization is turned on and if so, check that the user that will be the delegate has the authority to work in the module they will be completing tasks for.
We are testing this in the sandbox and the user can create a delegate for any of the areas, AC and PC, and assign the user and the onus of knowing if they are authorized is on them. Either this has to be enabled, or ticket based authorization for the task they will be completing should be provided.
GRC Process Control 12.0
GRC Access Control 12.0
Delegation, second level authorization, , KBA , GRC-SPC-AC , Automated Controls , GRC-SAC-ARQ , Access Request , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.