Skip to Content
0
Former Member
Dec 02, 2009 at 12:47 PM

RAR 5.3- use of role level mitigation

120 Views

If we mitigate a role and assign the role to a user, the risk will still appear in user level risk analysis, then what is the use of assigning mitigating control to the role?

If this is the case than I'll consider assigining mitigating controls only to users.