Mitigated Role Question

Former Member · ‎03-12-2010

I have created a mitigating Control for a role and added the specific Risk ID. If I run Risk Analysis on the role; it now shows up clean. But if I run Risk Analysis on the users that have the role; the still show the risk. Do I need to create the mitigating control for the role as well as each user that has the role?

Thank You,

Former Member · ‎03-12-2010

Thanks to all that helped. My problems are now solved.

I tried to give each of you points for your help; but i get an error every time I click on one of the point levels.

Thank You,

Ryan Dearman

Former Member · ‎03-12-2010

Sirish,

I did have to set "Include Role/Profile Mitigating Controls in User Analysis" to Yes. Thanks for that. When I run Risk Analysis on the user the mitigated Risks are no longer visible.

So, I am halfway there.

I still see the Risks while viewing CUP tickets. Is there a background job that pushes the change to CUP?

Thanks,

Ryan Dearman

Former Member · ‎03-12-2010

Hi Ryan,

When you run the risk analysis on user level, did you selected the option "Exclude mitigated risks"?

In addition, you have set the configuration parameter "Include Role/Profile Mitigating Controls in User Analysis"

to YES by going to Configuration -> Additional Options.

In the configuration -> Risk Analysis -> Default Values -> Exclude Mitigated Risks needs to be set to YES.

In addition put * after the risk((ex: F001*) in your mitigation control.

Hope this helps.

Best Regards,

Sirish Gullapalli.

Mitigated Role Question

Accepted Solutions (0)

Answers (3)

Answers (3)

Re: ASEGURAMIENTO DE TABLAS

Re: Getting error while Creating role in BRM

Re: How to enable the add, delete,edit system on s...

Re: CJS-30252 Running priviledged function stop of...

Successfactors login issue.