Dear All,
Is it possible to set up GRC access rules based on a combination of a position and authorizations?
For example a SoD conflict is when one can approve invoices and process invoices.
Process invoices is based on authorization (FB60 etc.) For this I can create a ' standard ' GRC function
Authorization to approve invoices is handled through a table (COA) and the HR position of a user (e.g. supervisor) .
How can I combine both functions into one risk?
Thanks
TJ