on 05-06-2009 9:41 PM
Can any body help me understand what does Monitor does in Mitigation control and what does the statement mean below:
"When creating a mitigation control, need to define the Action, Monitor ID, and
Frequency. If the monitor does not execute the action within the set frequency, then an alert
is generated"
Thanks,
Abhimanu
Hello Abhimanyu,
1. Can any body help me understand what does Monitor does in Mitigation control:
The role of Monitor is to see whether everything that was risky from the access being mitigated is fine or not. That is, he/she would see to it that the user who has been given extra excess or conflicting access has not misused it. Every Mitigatin control, for this purpose has a Monitor attached to it who does this job.
2. what does the statement mean below:
"When creating a mitigation control, need to define the Action, Monitor ID, and
Frequency. If the monitor does not execute the action within the set frequency, then an alert
is generated"
I guess this is also covered in the explanation for point 1 and the post above from Margaret. In case not, please let us know.
Regards,
Hersh.
http://www.linkedin.com/in/hersh13
Edited by: HERSH GUPTA on May 7, 2009 10:43 AM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Thank you for the answer which has resolved half of the issue but not the second question which ir primarily based on the significance of Report tab,
Monitor ID,
Action: What action he has to excute and where does Monitor do this - is this some transaction he has to run in backend
Frequency: What is the frequency which is required to execute this action within the given time
What does this statement mean:
If the monitor does not execute the action within the set frequency, then an alert
is generated
Thanks,
Abhimanu
Hi Abhimanyu,
1. Action- This is some tcode a monitor has to execute in backend to see that reports.
E.g. if someone is doing check payment entry(risk), and mitigation is done for a user/role,there must be a tcode where we can check what payments are made( sorry I am not well versed in FI tcodes) , this tcode will be put in action tab and monitor will have to check it via that particuler tcode.
2.Frequency is simplly what the period you want to set within which a monitor must perform this activity - say one week or one month.
3. If a monitor doesnt execute that action/tcode within that time, a alert will be generated and mail will be triggered to mitigation approver(indicating that supposed task is not being performed).
Hope it helps.
Regards,
Sabita
HI:
When you create a Mitigating Control...if the control is "Manager runs XXX report once a month"...you can define the action (transaction code)...then the monitor (who is running this report) and frequency (how often - once per month).
Then, if you set up alerts on it...if the "monitor" does not run the report once per month (according to statistics, execute the transaction)...then an alert will be generated for the Monitor's manager, to let them know they have not done the control.
Margaret
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.