GRC 10.1 SP07

When I run a user level scan (Access Management WorkCentre) and include mitigated risks (checkbox) the user I am looking at has mitigation for a particular risk.

When I run a mitigated user report (Reports and Analytics WorkCentre) this user does not show up as having any mitigated risks.

I have not done any additional analysis other than this one user, but what could be the problem. I did see note 2144782, but wasn't 100% sure this applies to my issue.

I have a few questions:

1) Are there two tables I can compare to see the difference between these reports? GRACMITUSER does not show this user.

2) Running GRAC_DOWNLOAD_MIT_ASSIGNMENTS does not show this user

3) Which side is accurate - the report or the user level scan? Where does the user level scan get the information (that the user IS mitigated)?

4) If this note (2144782) fixes the problem I would like ot know the extent of the problem first - in other words, what will the new report show (goes back to the earlier questions asking about the tables)?

5) Could there just be a sync job somewhere I don't know about?