on 02-26-2009 5:03 AM
Hi all,
I have a situation where after a risk has been removed from the users by removing the violating roles, however the Mitigating Control still remains tagged to the same user. Is there any efficient way of removing Mitigating Controls from users where the risks no longer exists?
Hi Alvin,
After removal of voilating roles from risk..If u think to remove user from mitigation conrol ,,go to mitigation-search for u r mitigation conrol and go to mitigated users tab,,and select the user and delete.
I hope this solves your problem
Thanks,
Joseph.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Joseph, thanks for the info. My problem comes in when the user request to have the violating role removed via CUP and it so happens that the Mitigating Control assigned for the old risk still has 6 more months of validity left. It seem like there is no mechanism to auto remove this MC when the role has been removed after the request in CUP have been approved and auto-provision.
My problem is that there might be many more of such users with redundant MC assigned to them in RAR. I can't find a way to search for such redundant MCs for cleanup. There is a possibility that when the same roles are assigned back to the users via request in CUP, these redundant MC if applicable will cause the Risk Analysis via CUP to not flag out any SoD issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sure.
You can just schedule it as any other report on periodic and ad-hoc basis as well.
--
Cheers!
Aman
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Alvin,
You can also remove the assignment of invalid Mitigation Controls for user by running a report under "Informer" Tab ->"User Level" and select report type to be Invalid Mitigation Control. This report will display all the invalid Mitigation Controls and from there u can disable / remove the assignment of this mitigation control to the particular user(s).
--
Thanks,
Aman
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.