Non-SAP Provisioning waiting for SAP GRC Risk Analysis

nbidwai1987 · June 3, 2026, 12:48pm

We have SAP GRC integrated with SailPoint IIQ for risk analysis only. If SoD risks are identified, a GRC request is created; otherwise, no GRC request is generated.

We observed that when a user submits a single request containing:

SAP S/4HANA roles
AD groups
Disconnected application roles

provisioning for all requested items waits until the SAP GRC risk analysis process completes. As a result, AD groups and other non-SAP access are not provisioned immediately.

Is this expected behavior? Is there a way to allow non-SAP items to proceed with provisioning while SAP roles continue through the GRC risk analysis process?

Any guidance or best practices would be appreciated.

neel193 · June 5, 2026, 9:58am

@nbidwai1987 Try enabling split provisioning in your LCM workflow and see if it works for you.

Topic		Replies	Views
Running SAP GRC with Risk Analysis as well as Access Management mode IIQ Discussion and Questions	2	672	July 19, 2023
SAP GRC multiple provision issue IIQ Discussion and Questions	19	4644	July 19, 2023
Not able to get the response from Sap-Grc IIQ Discussion and Questions identityiq , provisioning , roles , access-requests	8	815	November 22, 2023
SAP GRC Risk Management Mode IIQ Discussion and Questions identityiq , connectors	6	42	June 1, 2026
SAP GRC Invalid Request No Error during Provisioning IdentityIQ (IIQ)	1	2538	March 29, 2022

Non-SAP Provisioning waiting for SAP GRC Risk Analysis

Related topics