cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Significance of Monitor in Mitigation control

Go to solution
Former Member

on ‎05-06-2009 9:41 PM

0 Kudos

Can any body help me understand what does Monitor does in Mitigation control and what does the statement mean below:

"When creating a mitigation control, need to define the Action, Monitor ID, and

Frequency. If the monitor does not execute the action within the set frequency, then an alert

is generated"

Thanks,

Abhimanu

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-07-2009 6:13 AM
0 Kudos

Hello Abhimanyu,

1. Can any body help me understand what does Monitor does in Mitigation control:

The role of Monitor is to see whether everything that was risky from the access being mitigated is fine or not. That is, he/she would see to it that the user who has been given extra excess or conflicting access has not misused it. Every Mitigatin control, for this purpose has a Monitor attached to it who does this job.

2. what does the statement mean below:

"When creating a mitigation control, need to define the Action, Monitor ID, and

Frequency. If the monitor does not execute the action within the set frequency, then an alert

is generated"

I guess this is also covered in the explanation for point 1 and the post above from Margaret. In case not, please let us know.

Regards,

Hersh.

http://www.linkedin.com/in/hersh13

Edited by: HERSH GUPTA on May 7, 2009 10:43 AM

Show replies
Show replies
Former Member
‎05-26-2009 6:39 PM
0 Kudos

Hi,

Thank you for the answer which has resolved half of the issue but not the second question which ir primarily based on the significance of Report tab,

Monitor ID,

Action: What action he has to excute and where does Monitor do this - is this some transaction he has to run in backend

Frequency: What is the frequency which is required to execute this action within the given time

What does this statement mean:

If the monitor does not execute the action within the set frequency, then an alert

is generated

Thanks,

Abhimanu

Former Member
‎05-27-2009 7:59 AM
0 Kudos

Hi Abhimanyu,

1. Action- This is some tcode a monitor has to execute in backend to see that reports.

E.g. if someone is doing check payment entry(risk), and mitigation is done for a user/role,there must be a tcode where we can check what payments are made( sorry I am not well versed in FI tcodes) , this tcode will be put in action tab and monitor will have to check it via that particuler tcode.

2.Frequency is simplly what the period you want to set within which a monitor must perform this activity - say one week or one month.

3. If a monitor doesnt execute that action/tcode within that time, a alert will be generated and mail will be triggered to mitigation approver(indicating that supposed task is not being performed).

Hope it helps.

Regards,

Sabita

Former Member
‎05-27-2009 7:09 PM
0 Kudos

Hi,

Thank you for the information. This is good and has answered my question.

Thanks,

Abhimanu

Answers (1)

Answers (1)

Former Member
‎05-06-2009 10:27 PM
0 Kudos

HI:

When you create a Mitigating Control...if the control is "Manager runs XXX report once a month"...you can define the action (transaction code)...then the monitor (who is running this report) and frequency (how often - once per month).

Then, if you set up alerts on it...if the "monitor" does not run the report once per month (according to statistics, execute the transaction)...then an alert will be generated for the Monitor's manager, to let them know they have not done the control.

Margaret

Show replies
Show replies
Ask a Question