In this second in a three-part blog series, we will review the ‘Additional Information’ field in the SAP GRC Firefighter Controller log in SAP Access Controls. In part one, we walked through the set up process for firefighter sessions and the entire process of the firefighter activity along with the GRC Firefighter Controller Log Review Report Approval. Now let’s take a deeper dive into the ‘Additional Information’ field.
When the controller wants more details about the log report, he clicks on ‘Additional Information’ and the request goes back to Firefighter User. In this scenario event triggered will be as “FORWARD WITH RETURN.”
Forward: FF controller forward button initiates another controller to review. Additional information button will forward the message to the Firefighter User to update information.
When Firefighter user checks his work inbox, he can see the log report and will need to enter the comments in the Notes section and he will have only one button “RETURN”, so he clicks on it. Now the request goes back to the GRC Firefighter controller. Here even triggered is “RETURN.”
When the GRC Firefighter controller forwards the request to another controller, even Triggered is just FORWARD.
In this scenario, the GRC Firefighter Controller is requesting the Firefighter ID for which he is the controller and when the log report generates, he is getting only return button and it is working as SUBMIT and showing message as “Firefighter Log Returned Back.”
Additional Information: If the GRC Firefighter Controller wants more information from firefighter then he can forward the workitem to firefighter using this action. The firefighter will provide details in Note tab and then return it back to the Controller. Then the GRC Firefighter Controller can further process the workitem.
Auditor Runs the Log report below to test the control:
That covers the ‘Additional Information’ feature. To learn more about rapid deployment of GRC Access Controls, click here. Part three of this blog will review the firefighter log analysis process. To watch an on-demand video about GRC Access Controls, click here.