Skip to Content
Nov 19, 2013 at 07:11 AM

Mitigation Control at Role Level/user level


Hi ,

I created a Business Role in SAP GRC 10.0 mapped with couple of single roles from different systems.

I have done the role level risk analysis for the buiness role and assigned the Mitigation control for the Risk IDs generated.

when this business role is assigned to the user through access request,mitigation control that is assigned to the Business Role, is assigned to the user or not?

Steps performed
End user select the business role and submit the request
Request triggers the Role owner
When the Role owner opens the request and done the risk analysis for the business role the Mitgated risk id are still showing.
But I have already assigned the mitigation control for the risk ids of the role.

I want to know if mitigation done at role(business) level is also reflected in user level.

#User is a new and has not been provisioned yet.