cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Request can not be approved, Mitigate risk(s).

Former Member

on ‎08-25-2016 10:19 AM

0 Kudos

Hello,

Need you help on our issue.

We are currently using GRC 10.1 SP12. We have this scenario when the user requested for two different roles (Finance with risk and HR roles) beloging to two different paths.

The approval goes below:

StageApproval
ManagerYes
ServicedeskYes
Role Owner for HRYes
Role Owner for Finance (with risks)Yes

On the role owner stage, the request will split depending on the path where the role is associated.

If the HR Role Owner will approve first, the role owner has been prompted with an error to mitigate the risk associated to Finance. 

Our question is that why is it that the HR role owner must be required to mitigate the Finance risk which is not related to his / her role.

See screenshot below.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member182655
Contributor
‎08-25-2016 10:44 AM
0 Kudos

Hi Jill-Ann,

As I know this conception of GRC, if you request roles in one request they must be evaluated together within risk analysis. I see 2 possible solution (there might be more of course):

  • customize system to create more than one request per user (not recommended) and request FI roles in one request, HR roles in another.
  • 2nd possible solution (as we have): set risk mitigation procedure for a different stage. We set it for Manager stage and base on the mitigations/risks results role owner takes a decision.

Regards,

Artem

Show replies
Show replies
Former Member
‎08-25-2016 11:06 AM
0 Kudos

Hello Artem, T


Thanks.

Appreciate your response but the roles belong to different path and it has no risk. Shouldn't the system allow the approval for HR roles and let the mitigation process be handled on different path.

Why do the mitigation should be handled by the HR role owner if the role which has risk belong to Finance.

Regards,

Jill

former_member193066
Active Contributor
‎08-26-2016 1:32 PM
0 Kudos

Yes,

if request which has risk move to different path and request with risk goes to different path,

This can be done. you need to makes changes .

Regards,

Prasant

Former Member
‎09-01-2016 6:01 AM
0 Kudos

Hello Prasant,

What specific changes are you referring? Please advise. Thanks.

Regards,

Jill

former_member193066
Active Contributor
‎09-15-2016 10:56 PM
0 Kudos

Hi,

i do not think HR guy should see roles on Finance when he or she open inbox.

set parameter 2031 to NO.

that should solve your problem.

Regards,

Prasant

Ask a Question