I have just introduced a new workflow, and to keep it as simple as possible I'd only introduced 1 approval step.
A new Request gets raised by person X; and they select a Business Unit - I want to have a security setting that dictates that Person X can only approve the Request if it for Business Unit 1; If it is for Business Unit 2 then they can't approve it; and Person Y can.
BUT I currently have a setting that says that all users in 'Business Admin' can approve requests, so this means Person X can approve ALL requests.
Is there a way to seperate out the security without creating a workflow step for each business unit?
If you're only dealing with a few people you can create a field on the form for the approver and populate it via rule with the correct person based on the BU selected. It can even be hidden. Then in the step security you would use the token for that approver field instead of any groups.
So the approver can be one of 30 or 40 people? If this is the case, then you could have the rule save a security group name instead of a person and just have all the people in groups appropriate to their BU. Make sense?