on 08-25-2016 10:19 AM
Hello,
Need you help on our issue.
We are currently using GRC 10.1 SP12. We have this scenario when the user requested for two different roles (Finance with risk and HR roles) beloging to two different paths.
The approval goes below:
Stage | Approval |
---|---|
Manager | Yes |
Servicedesk | Yes |
Role Owner for HR | Yes |
Role Owner for Finance (with risks) | Yes |
On the role owner stage, the request will split depending on the path where the role is associated.
If the HR Role Owner will approve first, the role owner has been prompted with an error to mitigate the risk associated to Finance.
Our question is that why is it that the HR role owner must be required to mitigate the Finance risk which is not related to his / her role.
See screenshot below.
Hi Jill-Ann,
As I know this conception of GRC, if you request roles in one request they must be evaluated together within risk analysis. I see 2 possible solution (there might be more of course):
Regards,
Artem
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Artem, T
Thanks.
Appreciate your response but the roles belong to different path and it has no risk. Shouldn't the system allow the approval for HR roles and let the mitigation process be handled on different path.
Why do the mitigation should be handled by the HR role owner if the role which has risk belong to Finance.
Regards,
Jill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.