Hi Ashish,

In my scenario i have one user which i give a role, this role contain SoD so Role Owner uses Risk Analysis which is in Access Control request tab & then Mitigate of Risk for particular User & task complete.

Now a new business role given to that user which also contain SoD so at that point of time Role Owner uses Risk Analysis which is in Access Control request tab & then it shows for that particular role does not contain any risk for that particular user which we already mitigate of risk for another role.

any advice on this.

Hi Sachin

We mitigate the user per the risks not for the roles.If the user is getting the risk for one roles and it is mitigated so the same risk  will not appear for any other role for that user.

Hope this answers your question.

Best Regards

Jyotsna

Hi Jyotsna,

Thanks for the info.

Can you please advice on below scenario.

When a request have SoD then is Detour & moves to Controller. For a particular location we have 2 Controllers A,B.

A is a controller which is owner of control id but B don't have that thing.

now when a request comes then we use User A to mitigate a risk coz A is a owner of that risk.But we got error "Rule with ID &GRAC_CNTRLASGN_INITIATOR& does not exists for rule type 1  "

BUT User B is able to submit mitigation control workflow request[User B is does not have any Control/Risk id owner] then only User A got mitigation control approval request.

Hi Sachin,

Regarding your first query, if you still want to see the risks although the role/user is mitigated, please select the option Include mitigated risks while running risk analysis.

Nitin