on 03-27-2010 12:52 PM
Hi all,
we are on GRC AC 5.3 SP10. CUP and RAR are active and work fine together.
CUP is configurated for not mandatory Risk Analysis into stage and Risk Analysis (on tab configuration) permit approver to approve despect any risks. Also mitigation tab permit to do it.
During a request type (e.g. new userID) an approver can approve the request only if is not performed risk analysis (even if the role into the request contain some risks).
If an approver perform a risk analysis on the same request above, after appear an error message: Some unmitigated risks exist.
We do not expect this message, based on CUP configuration above.
Any experience?
Thanks.
Massimo
hi Massimo,
You got message ie u can identify the risk id.With this risk u can check in RAR .do this
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Pinaki Sarkar,
thanks for your reply. But maybe I have not well understand.
The message in CUP is: "Some unmitigated risks exist."
The risk ID are present into RAR. I ask to CUP ignore risk (if present and not mitigated) into request, but after risk analysis (on request that contain a role with some risks unmitigated) CUP reply to me with the message "Some unmitigated risks exist." should not happen.
Tell me if I was not clear and if you need more information.
Many thanks.
Massimo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.