Hi Sai
Options comes to mind:
- Create each as own function with ACTION SCASE and then the underlying permissions. They will all match except for that one field. Then add them to the SoD risks. You would have 4 functions here. You could then have 3 risks
- Create a function with SCASE and all the common permissions they share. Then created a second function that is permission only with the one authorisation they vary on and use the OR condition for the different field value (i.e ACTVT 01 OR 02 AND FIELDX A OR FIELDX B, etc). Then create a risk with the two functions for conflict. You would have 2 functions here. You could the have 1 risk.
- Take option 2 but create a function that is for Credit Case Reviewer and then a function that combines Creator, Requester and Processor (use the OR to differentiate the common field)
How you go about making this work comes back to the the ANDs and ORs in your permission setup. I recommend you try the combinations and see what is best for you
Regards
Colleen