Hi Team,

Good day.

I am new to GRC design perspective. Requesting your expertise advise on understanding remediation view.

Currently we have configured remediation view and we are able to see the risk analysis, transaction usage count all other details and we understood that, it has very good features. But just wanted to understand exactly on

1) At what step this is exactly helpful. GRC team will run risk analysis for users and able to see in remediation view. So what's the next step, like are we going to send this to user first before supervisor, to take decision? if yes, how can we setup the workflow for this. And so it always 2 step process (one for user and after his/her decision, then to supervisor with actual approval request) ?

2) what is the strategy in setting up remediation view If our access request workflow automatically performs risk analysis in normal mode when the user submit the request through self service ? Is there any popup mechanism to show up remediation view to user first before submitting for decision making ?

3) "We can mitigate the risk in the same view" ---------> So who is WE here , GRC Security team or supervisor or auditors or user ?

Apart from Role removal, what other mitigations we can perform through this ?

4) " The remediation view graphically identifies the access risk violations and allows users to make informed decisions. You can take remediation action directly from the results of user-level access risk analysis. You can initiate a workflow to update user or role authorization assignments, validity dates and mitigate access. "

what is this highlighting pointing saying about, why this step and how ?

Please advise.

Thank you,

Aravind.