cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOD Review process in GRC10

Former Member

on ‎06-13-2012 9:31 AM

0 Kudos

Hello Experts,

Today we perform our mitigation review process manually. We send emails to all the control owners and request to review the control documents and the users assigned to the controls. I am thinking of using the workflow for SOD review process. Which is more automated. From my understanding of the standard workflow in GRC10, we maintain owners for the risks, and the emails are sent to the risk owners to review the mitigating controls and the users assigned to the controls. Since we have a lot of control owners for a given risk. The standard workflow woud not work. I am thinking of using BRF+ rule to create a decision table with the mitigating control number (vs) mitigating control owner. Is there a way i can build a BRF+ rule for mitigating control owners in GRC10 and use it as a agent rule instead of the standard agents in the SOD review processID?

I am not sure if it is possible. Would like to get some insight from the experts here.

Thanks for responding,

Thanks,

Raghav

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

simon_persin4
Contributor
‎06-13-2012 4:30 PM
0 Kudos

Hi Raghav,

You should be able to create a custom agent rule for this in the same way that you would with the standard Access Request Process.

I've looked at doing it myself to be able to have more fit for purpose approval for this process but haven't got that far with it!

I'm not sure how it aligns with the standard configuration parameters 2006 and 2018 but give it a go and see how the workflow behaves! I believe that it should take the workflow configuration over the configuration parameters but we'll see.


Simon

Show replies
Show replies
Ask a Question