GRC Module: How to Create Access Models


Critical Concepts

An access model lists two business functions (also known as activities or processes), which if assigned to a role could result in access that rises the risk of fraud or errors in transactions that lead to financial misstatements

Steps to Take

1. Select the Risk Management tab

2. Select Advanced Controls tile

3. Select the Models icon

4. In Active Models, select Actions menu, then Create Access Model

5. Enter Name and Description, and select the checkbox for Override record limit and return all results for access model analysis to ensure all incidents are identified in results report

6. Next to Model Objects, select the Add button 

7. In Access Entitlement row, select the Add button, and the icon will change

8. To the left of Select Business Objects, click the Done arrow 

9. Next to Model Logic, select the Add Filter button 

10. In the Filter dialog box, enter the Name, and then select the Object, Attribute, Condition, and Type, then click the Search icon

11. In Search and Add dialog box, in Name and Description fields, enter criteria in text fields to search for Access Entitlements to add

12. Select the desired Entitlement, row will be highlighted, and then select OK

13. The Entitlement will display in the Value field, then click OK again

14. Repeat Steps #9-13 to create another Filter for the second Access Entitlement

15. Select Save and Close to finish the creation process

16. Open the newly created access model, and click the Security Assignment button

17. To the right of User Assignment or Group Assignment, select Add

18. Select the appropriate user Name or Group name, confirm the Authorized As value, and then select Save

19. To the left of Security Assignment, click the Done arrow to exit

If you still have questions or need additional assistance, please submit a ticket