Skip to Content
author's profile photo Former Member
Former Member

Role level mitigating controls not affecting position level reports

Hi,

Here's the problem we're having with mitigating controls:

When I assign a mitigating control to a role, it correctly mitigates the risk when we perform a role level SoD analysis. However, when we perform a position level analysis, the same role shows up again in the report as not mitigated. Anyone else running into this issue? We are on CC5.2 with SP4. Is this fixed in later SPs?

Simple Example:

Role ABC has conflicting tcodes FBV0 and FBVB. We applied a mitigating control to this role and it doesn't show up anymore on the role level reports.

When running the position level SoD analysis, position number 50010000 contains role ABC and the same conflict shows up again even though the conflict is entirely within Role ABC and not with other roles that are in position 50010000.

Thanks,

Robert

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2008 at 12:43 PM

    Hi Robert,

    I think you need you mitigate each object separately. I also suggest you to mitigate the HR position as well.

    Thanks and Regards,

    Faisal

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2008 at 05:31 PM

    We have a similar problem, when the Position is Mitigated - the analysis is correct but the User assigned to the position still indicates Risks.

    Does this mean- We have to mitigate Role, Position and User?

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      All,

      I opened a customer message with SAP and it seems that this issue is a limitation with CC 5.2 Mitigating at the role level will will not follow through to the position level reports. However, it seems that it will follow through to the user level as long as you have configured it under the Configuration->Additional Options tab. There is a setting there that will allow rule level mitigating controls to take affect at the user level.

      Thanks,

      Robert

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.