on 06-21-2012 9:25 AM
The Mitigated risks are still appearing, while RA is done, with 'Include Mitigation Risk' option unchecked.what is the possible reason?
Hi Plaban,
Kindly maitain the configuration parameter 1030 -Include Mitigated Risks as 'NO' under cofiguration setting in SPRO and then apply the note 1682738 at your end.
Regards,
Yukti
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Plaban,
Have you mitigated the associated role or user and assigned the mitigating control to them?
Best Regards,
Smriti
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Plaban,
It may be possible that you have mitigated the risk for the specific Rule id. or in other words while creating the Mitigation Control under the Access Risk you have mentioned some of the Action rule id or Permission rule id of the risk. Thats why when you run the risk analysis by unchecking the include mitigated risk, those rule ids appears which has not been included in the Mitigation Control.
Kindly check that what all the Risk Rule id are coming., and then check that mitigation control that whether that rule id is included in the mitigation control.
Regards
Shaily
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.