Change Approval - Parent-Child Relations

When there are parent-child relations between the entities, change approval only has to be enabled for the parent entity, provided that the children cannot be directly accessed. This means that the change approval set for the security profile covers the changes which can be made to the children as well.

Suppose that change approval has to be enabled for the security profile. Each security profile has an allowed inventory and a set of security actions as children. Because it is impossible to modify what the actions do or what can be accessed by the inventories, it suffices to set change approval only for the security profile. It is the security profile which is modified and not the actions or inventories themselves.

It is not recommended to activate change approval on the child entities because it offers no added security and it complicates the process flow of change approval for the parent entity.