on 09-30-2009 10:37 AM
Hi all,
The definition of a Mitigation Control is associated to certain risk(s) and/or conflict(s).
The definition of a Mitigated User is linked to a Mitigation Control.
Note that system is never taken into account in such definitions.
Assuming we are having a Mitigated User U1 who should be mitigated for system 1 but no for system 2. Which is the best practice used in order to take such restriction into consideration when runnung risk analysis for system 1 and 2?
Thanks in advance. Regards,
Imanol
Comment
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I also have same problem. Can any one clear this please....
want to know whether we can mitigate a user against a particular backend system only when the GRC is connected to multiple backend systems?
Is this possible atleast in latest versions 5.3 SP11 or SP12?
Edited by: dasarad on Sep 2, 2010 5:38 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.