Purpose
The purpose of this blog post is to explain the about the different Access Request tables and how these tables can be utilized in order to prepare reports as per your requirements:
1. Request Reason
Request reason is stored in SAPscript, with Text Object as “GRC” and ID as “LTXT”. You can use standard SAPscript Function Module (READ_TEXT) to fetch request reason of a GRC request by passing the “TEXT” value to the Name field. This TEXT value can be fetched from table STXH
e.g: ACCREQ/00155D08DA361ED2A1BD201C710165A5/LONG_TEXT (For access requests ACCREQ/RequestID(GRACREQ Table)/LONG_TEXT
2. Request Comments
Request comments also are stored in SAPscript, with Text Object as “GRC” and ID as “NOTE”. You can use standard SAPscript Function Module (READ_TEXT) to fetch comments of a GRC request by passing the “TEXT” value to the Name field in the same way as done above for request reason. This TEXT value can be fetched from table STXH.
e.g: ACCREQ/00155D08C4051ED4BDFDEF53EC12C0D7/20150511151344 (ACCREQ/RequestID(GRACREQ Table)/XXXX)
3. GRACREQ – Request details table
This table will provide the information about Request ID, Request Type, Request Creation Date and Request Priority
4. GRACREQUSER – GRC Request User details table
This table will provide the information about user for whom GRC request has been raised and provides details about User ID, User First Name, User Last Name and User Email ID
5. GRACREQPROVITEM – GRC Request Line Item Details
This table will provide the information about the request and the below Line Items in the request with their corresponding VALID FROM and VALID TO dates.
Role
System
Fire Fighter Id
User
Profile
PD Profile
FireFighter Role
6. GRACREQPROVLOG – GRC Request Provisioning Logs
This table will provide the information about the request and the Line Items in the request with their provisioning status (Success or Failure or Warning)
7. GRFNMWRTINST – GRC Request Instance Details
This table will provide the information about the request and its corresponding instance status.
8. GRFNMWRTDATLG – GRC Request Approval Status
Get the details of Instance ID from GRFNMWRTINST table by passing the request number in “EXTERNAL_KEY_DIS” field. Based on the Instance ID you can get the details of each Line Item approval status in the request, Path ID, StageSequence Number and Approver User column in this table gives the details of the approvers.
Based on Path ID you can get the stage details by using the tables “GRFNMWCNPATH” and “GRFNMWCNSTG”
9. GRFNMWRTAPPR – Current Approver for Request Line Items
This table will provide the information about the request and current approvers for corresponding Line Items in the request.
10. GRACROLE & GRACROLEAPPRVR
These tables will provide the information about the roles and their corresponding role owners maintained in BRM.
11. HRUS_D2 – Approver Delegation Table
This table will provide the information about the delegated approvers in GRC
12. GRACSTDROLE and GRACSTDROLESYS
These tables will provide the information about the default roles maintained in GRC.
13. GRPCCHKO and GRPCPHIO – GRC Request Attachment Details
These tables will provide the information about the attachments in the GRC request.
Get Request ID for a GRC request from GRACREQ Table
Input Request ID retrieved above in the field PROP08 of table GRPCPHIO.Get PHIO_ID from GRPCPHIO table. This table also gives attachment description details.
Input PHIO_ID to table GRPCCHKO. This table will provide Attachment Name and Type details.
14. Mitigating Control Vs. Risk/Monitor/Approver Details
Retrieve OBJID from table HRP5354 by inputting the Mitigating Control ID in SHORT_KEY1 field
Retrieve KEY 1 and KEY 2 from HRT5320 by passing OBJID retrieved above into T_OBJID field which will give Risk/MC Monitor/MC Owner Details
15. Mitigating Control Short Text and Long Text
Short Text
Retrieve “OBJID” from table HRP5354 by passing Mitigating Control ID into “SHORT_KEY1” field
Retrieve ‘STEXT’ from table HRP1000 by passing ‘OBJID’ value retrieved from above table
Long Text
Retrieve “OBJID” from table HRP5354 by passing Mitigating Control ID into “SHORT_KEY1” field
Retrieve “TABNR” values by sorting ‘AEDTM’ and take the latest last modification date from table HRP1002 by passing PLVAR = ’01’, OTYPE = ‘P2’, OBJID = value retrieved from above table and SUBTY = ‘0001’
Retrieve “TLINE” values from table HRT1002 by passing TABNR value retrieved from above table
16. Risk Long Text
Class: CL_GRFN_SAPSCRIPT
Method: RETRIEVE_STRING
Pass following values:
- IV_LANGUAGE = EN
- IV_OBJECT_ID = SOD_RISK/<RiskID>
- IV_CLASS = LTXT
- IV_TOKEN = RSK
- IV_APPLICATION = GRC
16. Control Assignment request Items table
GRACMITMSMPVALI – This table will have the Control Assignment request and corresponding Lineitems of that request.
MSMP Instance and External Key in this table are referenced from GRFNMWRTINST table.
Looking forward for all your inputs in improving this blog by including additional table details (if any missing)
Thanks for reading.
Best Regards,
Madhu Babu Sai (#MJ)
Heyyy Madhu ….
Nice one ..!
Regards,
Rahul
Hi Madhu, its is very informative. Can we find our in which table the end user (affected user) details are stored for whom the provisioning is to be done in a Access request
Regards,
Krish
Awesome Madhu !
Hi Madhu,
Thanks for the info, good stuff!
Another Table, GRACROLEMAP, can you let us know how this Table is sourced? Which function in GRC allows this Table to be sourced?
Thank you in advance,
Chris
Hi Christopher,
In GRC BRM module, you can map a role from the same system or different system to a role.
For example: I have a role in GRC system (Role A) and this role need to be automatically included in the GRC request whenever users select ROLE B which is in ECC system then role mapping can be helpful.
Regards,
Madhu
Thanks Madhu! I figured….just wanted to confirm from an expert. Thanks again!
Hi madu,
It’s very informative.thahks for giving such huge information.
Hello Madhu ,
Can you please help us to know if we have some way to download the grc request attachments from the Backend system
Hi Pranjal,
GRC access request attachments are stored in the following tables:
GRPCCHKO and GRPCPHIO – GRC Request Attachment Details
These tables will provide the information about the attachments in the GRC request.
Get Request ID for a GRC request from GRACREQ Table
Input Request ID retrieved above in the field PROP08 of table GRPCPHIO. Get PHIO_ID from GRPCPHIO table. This table also gives attachment description details.
Input PHIO_ID to table GRPCCHKO. This table will provide Attachment Name and Type details.
You have to get your ABAPer write a small piece of code to download attachments from the mentioned tables using ARQ request number.
CALL METHOD cl_grfn_documents_manager=>get_physical_document_content
(Use this method to get the document content and convert it to binary using following function module)
CALL FUNCTION ‘SCMS_XSTRING_TO_BINARY’
Regards,
Madhu