Scribd
Upload
261 views6 pages

PFCG BASED AGENT RULE SET UP Step by Step 1694177786

The document outlines the steps to create a BRF+ Agent rule for fetching approvers based on decision table criteria and dummy role assignments. It details the process of creating necessary structures, decision tables, DB lookups, and rulesets within the GRC system. The custom agent rule aims to simplify the role owner maintenance process by allowing approvers to be assigned through dummy roles tailored to specific requirements.

Uploaded by

v380vijay
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
261 views6 pages

PFCG BASED AGENT RULE SET UP Step by Step 1694177786

The document outlines the steps to create a BRF+ Agent rule for fetching approvers based on decision table criteria and dummy role assignments. It details the process of creating necessary structures, decision tables, DB lookups, and rulesets within the GRC system. The custom agent rule aims to simplify the role owner maintenance process by allowing approvers to be assigned through dummy roles tailored to specific requirements.

Uploaded by

v380vijay
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Resolution: Create a BRF+ Agent rule that will fetch approvers, based on decision table criteria

and dummy role assignment.

BRF+ Design:
Below Steps will be followed to achieve required results:
Step 1: Create Structure “AGR_USERS”
Step 2: Create a decision table to provide “dummy role name” based on suitable selection.
Step 3: Create a DB lookup on table “AGR_USERS” to fetch users assigned to appropriate dummy
roles.
Step 4: Create a “Ruleset” to process DB lookup and return approvers.

BRF+ Configuration:
You have to generate the BRF+ Rule via Transaction SPRO in GRC system. Follow the below steps
in your GRC system.
Run the transaction SPRO, go to IMG => Governance, Risk and Compliance =>Access Control
=>Workflow for Access Control => Define Workflow related MSMP rules.
Or
Directly execute TCode GRFNMW_DEV_RULES

Fill generation criteria (Process ID, Rule type, etc.)


Specify Generation options
Generate rule shell (Execute button)
After successful rule generation, goto BRF+ to check newly created BRFPlus Application

Function Signature update:


In BRF+ function, change the mode to “Event Mode” and activate the function as shown below.
Since Function mode has been changed to “Event mode,” the result data object has changed
automatically, so it has to be reset manually
In “Signature” tab of BRF Function, change the result data object to GRFN_MW_T_AGENT_ID
Create Structure:
From context menu of BRF+ application, create a Structure and bind it to AGR_USERS.
Save and activate this structure.

Create a Decision Table:


From context menu of BRF+ application, create an Expression of type “Decision Table”
Add “Condition” as well as “Result” column based on requirement
Note that AGR_NAME in result column can only be selected if structure AGR_USERS has already
been created.

Create dummy roles in GRC backend system and assign to approvers


Populate the decision table with business data as required

Create DB Lookup: From context menu of BRF+ application, create an Expression of


type“DBLookup”
Add below details to the DB Lookup, here we are applying DB lookup based on result received
from ZROLEOWNER on table AGR_USERS and inserting user ID into GRFN_MW_T_AGENT_ID
Save and generate the DB Lookup

Create Ruleset:
Click “Create and Navigate To Object”
Create Rule as below:
Assign the ruleset to the function

Go to the function and under assigned ruleset you should be able to fine “GET_APPROVER”
ruleset.
Simulate BRF+ rule:
Provide mandatory context values like Business Process, Functional Area, Connector.

The function should return users IDs of the role owner as per the settings in decision table.

Conclusion: This custom agent rule will allow us to skip standard role owner maintenance
process in GRC and simply assign approvers by assigning them dummy roles created in GRC
system. Dummy roles can be created as per our requirement for example based on
system\client, departments, business process etc.

You might also like