Skip to Content
avatar image
Former Member

Critical action alerts being generated inspite of mitigating critical role

Hi Everyone

Does anyone know as to what is the best practice of managing the critical actions?

I have the following suggestions:

- Since it is a detective control, we do not do anything to the critical actions that is not being used.Alerts should be generated for this if at all anyone executes these transactions.

- Mitigate the critical roles marked as critical - as they have a separate monitoring process.

- Mitigate the users for critical transactions used on a day to day basis.

We are currently trying to reduce the amount of critical alerts being generated. There are a number of roles (especially) the fire fighter roles that have been marked as Critical and they have been excluded from SOD risk analysis as they have a separate control and monitoring procedure (the SPM reports) for these roles. We are in 5.2 and hence dont have the exclude objects functionality in the background job section.

We are trying to achieve that when a user is assigned the critical role, no alert should be generated when the user executes the critical transactions in these roles as the fire fighter log report acts as a control mechanism for monitoring the risk.

However, when we try to mitigate the risk (with the *) and mitigate the role and in the alert generation section, tick the option to include mitigated users. We still receiving alerts for the critical transactions belonging to the mitigated role.

Does the mitigation of critical action work only at user level??

Any answers/suggestions would be highly appreciated.

Kind Regards

Vishal

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Sep 23, 2010 at 10:06 AM

    Hi Vpatanik

    We have the same problem. Have you already solved? how?

    i do not want to update and maintain mitigated roles table, it would be great if alert generation takes into account mitigated roles.

    thanks a lot

    Add comment
    10|10000 characters needed characters exceeded