Clarification of Mitigating Alerts and Notifications
I am investigating mitigating controls in 5.2 and have a query regarding the difference between 'generate action log' and 'alert notifications'. In the configuration tab when maintaining background jobs for mit controls there are the above 2 options. None of the supporting documents clearly explain the difference between these. They're obviously both emails. I expect one advises that mitigating control is due to be executed (alert notificiation). That leaves 'generate action log' which seems to have something to do with capturing transactional data from R3. Can anybody clarify how these are used?
Many thanks in advance
Frank Koehntopp replied
"Generate action log" will go to the RTA on your ERP system, look into the STAD/STAT tables and analyse the transactions the users have run. If any one user has either executed a transaction from within a critical action risk or a combination of transactions from an SoD risk, the user name, date/time/terminal and transaction(s) will appear in the alert log.
Mitigating alerts check if a mitigation alert monitor has actually run the report that has been assigned in the control, in the defined period. He needs to have run that report at least once in order for this to work (so that CC can calculate the control period).
"Alert notifications" allows you to schedule a different time for when you want emails being sent to risk owners or control owners in case of a new alert. These emails will contain the information from the actual alert.