Skip to Content
author's profile photo Former Member
Former Member

Mitigation Control at Role Level/user level

Hi ,

I created a Business Role in SAP GRC 10.0 mapped with couple of single roles from different systems.

I have done the role level risk analysis for the buiness role and assigned the Mitigation control for the Risk IDs generated.

when this business role is assigned to the user through access request,mitigation control that is assigned to the Business Role, is assigned to the user or not?

Steps performed
End user select the business role and submit the request
Request triggers the Role owner
When the Role owner opens the request and done the risk analysis for the business role the Mitgated risk id are still showing.
But I have already assigned the mitigation control for the risk ids of the role.

I want to know if mitigation done at role(business) level is also reflected in user level.

#User is a new and has not been provisioned yet.


Thanks,
Mamoon

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Dec 10, 2013 at 07:26 PM

    Hi Mamoon,

    Did you get any conclusion about it?

    We have the same scenario in one of our clients, Business Roles with N single roles.

    The client has the expectation that, once the Business Role is mitigated, there is no reason to mitigate the risk in user level when is requested accecc to this Business Role.

    Thanks,

    Felipe Barros

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Felipe,

      Even I am struggling to get that.We are also using business role as position and BR are mitigated. But when assigned to user( having no existing roles) it shows risk.

      We again go for mitigation at user level by BR owner.Please let me know if you get any solution for this.


      Thanks,

      Mamoon

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.