Hello SN community.
I am looking for validation.
When assigning the GRC Business User role. Most of the documentation states to add users to the GRC Business User group.
Would it be better to assign the role directly to various ITIL type groups that would be assigned an IPT?
For example. if I assign an IPT to a server team assignment group GRC business user group, but the IPT intended for the server team
and some not all of the users of the group are part of the grc business user group, some users may not be able to be assigned to or see the IPT record and reporting on issues based on assignment group will not be accurate
Would it be a better approach to add the grc.business_user role to the server team assignment group, so that all users inherit the role and access to the assigned IPT to allow for reassignment within their team and the IPT can be directly assigned to their assignment group?
Is the GRC Business user group more for control of license usage?
Update: the OOB Ref qual looks for the grc.business_user role. So the only group that could be selectable would be a group that has that role anyways. Thoughts?
Thanks yall
