Skip to Content
avatar image
Former Member

how to mitigate userid

hello all,

pls experts tell me the procedure for mitigating the userid in grc5.3



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Aug 05, 2010 at 02:14 PM


    Assuming that mitigation controls are already defined, 2 ways to mitigate user.

    1. Perform risk analysis in CUP request, mitigation can be performed before provisioning access to the user if risks exists.

    2. Alternatively, mitigation can be done in RAR. Mitigation -> Mitigated users -> Search -> Add.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Sanjay,

      did you already define mitigation controls for the risks that you have already defined in RAR.

      Normally users/roles will be mitigated when they have the risks that can not be removed from them.

      Then note down the risks which are there with users/roles then goto mitigation tab

      Then search for the mitigation controls using RAR-Mitigation tab-> Mitigation controls-> give risk -> search mitigation controls

      Once you find the list select appropriate mitigation control for the risks you already have in hand then goto change mode then there is one option mitigate use click on that then add userId