
Procedures for creating mitigation controls

Former Member
0 Kudos

Hi,

Could you please provide some useful links (complete procedure) for creating mitigation controls at user level and role level?

Thanks & Regards,

KKRao.

Accepted Solutions (0)

Answers (1)

Former Member
0 Kudos

Hi KK,

You need to follow these steps for creating a Mitigation Control and assigning it to Users & Roles.

a) First you need to create Administrators & Monitors, i.e. who will own the Mitigation Control & who monitors the mitigation control.

b) Create mitigation control ID and the mitigation control - Assign the risks that are mitigated through this mitigation control

c) Assign monitors and approvers created in First step to the mitigation control

d) If you have any reports to be run in SAP as a part of mitigation then assign those reports and the frequency, monitors in the Report tabs

e) Then assign Monitors using the Control Monitors tab

f) Only once the above steps are completed can you assign Mitigating Users & Roles to the Control, along with the validity of the control for that particular user. If validity is not provided, then by default it will take 365 days, which is set in configuration.

g) For this you need to use Mitigated users tab & Mitigated roles tab

    • One key point to remember while assigning Mitigated Users to a Control is that you need to give the RISK ID as P004*, otherwise the user will not get mitigated. The reason behind this is that when we generate SOD rules, a rule ID will be created with 8 characters (P0040001), and hence if Risk ID * is not given the system does not know which rule to pick up for the Mitigated user. Hence if * is given in the risk ID, all the rules falling under that RISK ID will be covered for Mitigation.

You can also follow the steps provided in the Configuration Guide for the Mitigation Controls. Below is the link:

https://websmp202.sap-ag.de/~form/sapnet?_SCENARIO=01100035870000000202&_SHORTKEY=011000358700007181...

For this you need to have an SUSER ID.

Alternatively you can also see the link below, which is the SAP HELP for GRC Access Controls:

http://help.sap.com/saphelp_grcac53/helpdata/en/45/92c7fa00494714a4162ad707d9b328/frameset.htm

Please let me know if you need any further information.

Thanks and Best Regards,

Srihari.K
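
The wildcard and default-validity points from the answer above, as an added Python example that is not part of the original thread and is not SAP code: it audits a constructed list of mitigation assignments and reports SoD violations that remain unmitigated. The user names, the control ID `MC_P004`, the data layout and the glob-style matching are assumptions made for illustration.

```python
from datetime import date, timedelta
from fnmatch import fnmatchcase

DEFAULT_VALIDITY_DAYS = 365  # default the answer cites when no validity is entered

# Constructed sample data (not an SAP export format; MC_P004 is a hypothetical control ID).
VIOLATIONS = [  # (user, 8-character SoD rule ID)
    ("JSMITH", "P0040001"),
    ("JSMITH", "P0040002"),
    ("MBROWN", "P0040001"),
    ("AKUMAR", "P0040003"),
]
ASSIGNMENTS = [  # (user, control ID, risk ID as entered, assigned on, valid to or None)
    ("JSMITH", "MC_P004", "P004*", date(2024, 1, 10), None),
    ("MBROWN", "MC_P004", "P004", date(2024, 1, 10), None),  # wildcard missing
    ("AKUMAR", "MC_P004", "P004*", date(2023, 1, 1), date(2023, 6, 30)),  # expired
]

def valid_to(assigned_on, explicit_end):
    """Apply the 365-day default when no validity end was given."""
    return explicit_end or assigned_on + timedelta(days=DEFAULT_VALIDITY_DAYS)

def covers(risk_id, rule_id):
    """A risk ID mitigates a rule only if it matches the full 8-character rule ID."""
    return fnmatchcase(rule_id, risk_id)

def audit(violations, assignments, today):
    """Return (unmitigated violations, assignments whose risk ID lacks '*')."""
    missing_wildcard = [a for a in assignments if not a[2].endswith("*")]
    unmitigated = []
    for user, rule_id in violations:
        mitigated = any(
            a_user == user and covers(risk_id, rule_id)
            and start <= today <= valid_to(start, end)
            for a_user, _ctl, risk_id, start, end in assignments
        )
        if not mitigated:
            unmitigated.append((user, rule_id))
    return unmitigated, missing_wildcard

if __name__ == "__main__":
    open_items, bad_entries = audit(VIOLATIONS, ASSIGNMENTS, date(2024, 3, 1))
    for user, rule_id in open_items:
        print(f"unmitigated: {user} {rule_id}")
    for entry in bad_entries:
        print(f"risk ID without wildcard: {entry[0]} {entry[2]}")
```
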