We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Forum Posts

Resolved! Wildcard in SOD

Hi All,We have an application with a  many RoleA (for example) but specific to a certain location. Example - RoleA_Canada, RoleA_US, RoleA_India. Is it possible to wildcard the role name while creating functions in SODs, for example - RoleA*.As we mi...

snauni by New Contributor II
  • 3 replies
  • 0 kudos

Resolved! Internal and External SOD Evaluation

Hello Team,We need assistance to below query before you start onboarding and perform SOD evaluation for that Application.1. Customer has SAP GRC system via which SOD evaluation is being performed for SAP Application.2. For Non SAP System they are doi...

Manu269 by All-Star
  • 2 replies
  • 0 kudos

Resolved! SAP TCODE Usage Configuration

Hello,We are trying to bring into Saviynt the transaction (TCODE) usage data from SAP S4 target system, in order to be able to configure the Usage Analytics Report and SOD Actual vs Potential, as per client requirement.After reading the available doc...

Miha by New Contributor III
  • 1 replies
  • 0 kudos

SOD Exportable reports details

Hi All, Can you please help us understand what data is available in SOD L3 report. We can see 2 files in the L3 export but we are unable to identify which file contains what data. No where in the documentation it is specified which file contains what...


SOD conflict alert for new users

Hi Team,Is there any way we can set up an alert within SOD module when a new user is identified with a SOD Conflict?We are trying to utilize default analytics "CC_Detected - Users found with SOD Violations", but it lists all the violations for all us...

Lakhitha by New Contributor II
  • 1 replies
  • 0 kudos

Sod Summary we are not getting Exact data and Exact count(number different from UI) in production

Hi Team, We are trying to extract the report from SOD Summary.Report should contain: RISK CODE, Function, USERNAME and ACCOUNT NAME for open status and ruleset belongs to PG_SAP_S4HANA_PROD_100_Ruleset_2023_02Using Query we are trying the extract the...


Hi, we are trying to configure the emergency access role and we did the following:-the application for what we are creating it is SAP S4-hana which is already integrated in Saviynt;-in the security system we selected Auto Approve Workflow for Emergen...

GiuseppeDM_0-1699972902722.png GiuseppeDM_1-1699973061806.png GiuseppeDM_2-1699973129515.png GiuseppeDM_3-1699973275298.png

SoD Function Objects

Hello,We are working to configure SoD for SAP S4 Hana.The roles in S4 are configured as follows:There are composite roles, e.g., ZC:Accountant_Example. This entitlement type in Saviynt is SAP Role.Each composite role contains multiple single roles, e...

Miha by New Contributor III
  • 8 replies
  • 0 kudos

SOD violation to reject entitlement only

We are using a parallel workflow to check for SOD risks, and to automatically reject the entitlement.Unfortunately it doesn't reject the entitlement, but the entire request.How can we change this so that it will only reject the entitlement on which t...

Marcel by New Contributor III
  • 2 replies
  • 0 kudos

SOD:: How to link "Accepted" from actionable report to "Risk Accepted" on SOD Violations list?

For SOD violations, we have an user context driven actionable report which has open, Accept, Deprovision Access as action. When the user selects "Accept" with a future date(see first screenshot). Is there a way to tie that to the respective SOD Viola...

npise by New Contributor III
  • 1 replies
  • 0 kudos

SoD Functions - Objects Upload

Hello,We are trying to configure the SoD for SAP S4 system.We received the rules for configuring the SoD from SAP GRC, however, there are over 100 functions, and over 200 actions per each function ( we have risk - function - actions per function rule...

Miha_6-1695383802756.png Miha_0-1695383040736.png Miha_2-1695383385689.png Miha_5-1695383710567.png
Miha by New Contributor III
  • 5 replies
  • 0 kudos

Exclude inactive identities from SOD's

Hi, We have added a filter to our SOD evaluation job to only look at active accounts, hoewever inactive accounts are still displaying on the SOD violations? See attached files for config and user extract. Thanks [This message has been edited by mode...

NPrinsloo by New Contributor
  • 8 replies
  • 0 kudos

Approval on Risk change

Hi All,We have a client request to send approvals to Risk owner if any thing is edited in the risk. This works only for functions but not form risk.Is there a way to enable approval requirement if any Risk is edited or created in Saviynt.

Saviynt request id is not getting created for a user in ARS after external SOD evaluation.

 We are facing the issues when the request is submitted which contains external sod evaluation from SAP grc. So once the request is raised for a user, request id's are not generated instead it is redirected to final page with SOD confirmation number....

Dev_1-1692074962212.png Dev_2-1692075176468.png Dev_3-1692075195481.png
Dev by New Contributor III
  • 10 replies
  • 0 kudos

Need information related to SOD API

Hi Team,We want to perform below tasks on SOD violation:1)Get All SoD Policy Violations.2)Update SoD Policy Violations.3)Get policy violation details by id.4)Get policy violation causes.5)Get policy violation action history details by id.6)Get policy...

Business Justification vs Comments

Being new to Saviynt here, so my question can be basic. But I want to know what is the main difference between Business Justification and comments? Why there is a need for a separate space/box/area for it?Why a single space would not have worked, lik...

SOD Rule set approval

While performing an update of SOD Ruleset, can we configure a 2-level approval workflow? How?While performing a bulk upload activity, can the 'download' option be disabled? Or how can we restrict users from downloading this? What types of file valida...

Resolved! SOD check between user identities

Hi all,Is there a way to configure preventive SOD checks between multiple user identities at the point of access request? For example, under the user profile, there is a custom attribute that stores the id of their relatives working in the same organ...