on 03-21-2013 2:23 PM
hello, we are using GRC 10 AC. we would like to use UAM with risk analysis. For the first wave we want approvers to mitigate risk within approval. BUT we want only mitigating new risk coming from the UAM requesting roles and ignoring risks which comes from backend roles assigned already to the user. I remember that 5.3 did offer such an option. Any help is appriciated. Thanks. Nguyen
Hi Nguyen,
Set the Parameter - 1030 Include Mitigated Risks to NO
Thanks and Regards
Ankit sharma
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
would configuration parameter 1073 - Enable SoD violations detour on risks from existing roles
be used as part of your solution?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nguyen
If the risk analysis will be started, there is a option is called "Additional Criteria" with the selection option "Include Mitigated Risk". If you don't set the tick, then only new risk, which are not mitigated, will be showed.
I hope this helps?
Regards
Martin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi de Jong, this is not what we want to do . we have a 2 stage path. the first stage is for role approvers. in this stage the role approvers runs the risk analysis. and there we want to mitigate risk caused by new roles requested, risks caused by already assigned roles should be ignored. Thanks. Nguyen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.