- SAP Community
- Products and Technology
- Additional Q&A
- Blanket Mitigation Controls
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Blanket Mitigation Controls
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 03-09-2009 12:33 AM
Hi Gurus,
We are on 5.3 version of RAR,
I am creating a blanket Mitigation control to Mitigate a risk id against one role. when I run the Risk Analysis report the I found that , the risk id is mitigated for all the roles. For e.g.
The user has roles three roles A,B andC. The SOD Risk Id " R" is coming from all the three roles. I create Control M to Mitigate Risk id " R" only against Role A.
When I run the Risk analysis report the risk is mitigated for all the three roles whereas I am expecting it should be mitigated only for Role A and For Role B and C it should still show as unmitigated risk.
Is there there anything else I need to do??
Parveen
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello Parveen,
Put * only after 7 Risk character of Risk Id and not after 4 char.
This will solve issue you are facing
Regards,
Surpreet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Answers (2)
Answers (2)
hkaur
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Praveen,
As mentioned by Alpesh,if you want to mitigate a particular role then select that role and mititgate it. The whole purpose of blanket mitigation is to mitigate all roles against a risk at one time and avoid mitigating one role at a time.
Regards
Harleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Praveen,
Don't put '' after the risk when you are creating mitigationg control. If you put '' after risk ID, it creates a blanket mitigating control. When you create mitigating control for particular risk, you will have to select the particular role and mitigate it.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- GRC Tuesdays: Insights into Cybersecurity Supply Chain Risk Management: Why, What and How in Financial Management Blogs by SAP
- Environment, Health and Safety in SAP S/4HANA Cloud Public Edition 2402 in Enterprise Resource Planning Blogs by SAP
- 2024 SAP Cloud Identity Services & IAM Portfolio: What’s New? in Technology Blogs by Members
- Sustainability with SAP S/4HANA Cloud Public Edition 2402 in Enterprise Resource Planning Blogs by SAP
- Mass Maintenance of Mitigation Control Owners - Invalid Old Owner Error in Financial Management Q&A
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.