Skip to Content

GRC 10.1 Access Control Owner Group

While creating different types of owners under NWBC->Access management->Access control owners->owners.

We have multiple users defined as risk owner in GRC. To avoid maintaining each user individually into each risk we created a user group in SUGR “RISKOWNER” and assigned all risk owner user account to user group “RISKOWNER”.

This user group is set up as ‘Risk owner in Access Control Owners and assigned to “XX01” access risk. When I create an access request in GRC which have risk XX01, the risk owner is not found and an escape path is triggered from MSMP rule.

Can you please guide how to leverage owner group option within access group type? When we chose only owner the workflow work fine but when we select owner group it goes to an escape path defined in MSMP rule.

Any help will be big a help!!

Add comment
10|10000 characters needed characters exceeded

2 Answers

  • Best Answer
    Posted on Feb 25, 2017 at 04:22 AM


    Assign MSMP agent as Custom agent, with PFCG User groups as Agent type. Provide the user group name here. you do not need to assign any risk id to owner.



    Add comment
    10|10000 characters needed characters exceeded

  • Posted on Feb 27, 2017 at 07:47 PM

    Plaban Da Thank you for help!

    I only want to use PFCG group for one set of users (internal control team), remaining risk owners will still be individual user as risk owner. Do I need to two Agent Id for risk owner? In one agent ID can I chose agent type GRC API rules and in second agent can I chose PFCG user group?

    Do you have any document which I can use as reference?


    Add comment
    10|10000 characters needed characters exceeded