on 04-12-2013 6:17 PM
Hi Experts,
I need your advice on this.
We have a requirement when primary controller not mitigate risk then that request escalates to Backup Controller.so Can Mitigation Controls have 2 Owners in SAP GRC 10.
If not then any advice how i achieve this.
Hi,
One owner and multipale monitors.
Regards, Mel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The monitor is responsible for the assignment of the risk. If the risk can be mitigated this person will be responsible for the monitoring of this risk. If the risk is a sensitive access risk the monitor will be responsible for the following:
The risk owner is responsible for what risk gets added to the mitigating control.
Hope this helps!
Hi,
Thanks for the information.
Can you please help in this scenario.
When a request have SoD then is Detour & moves to Controller. For a particular location we have 2 Controllers A,B.
A is a controller which is owner of control id but B don't have that thing.
now when a request comes then we use User A to mitigate a risk coz A is a owner of that risk.But we got error "Rule with ID &GRAC_CNTRLASGN_INITIATOR& does not exists for rule type 1 "
BUT User B is able to submit mitigation control workflow request[User B is does not have any Control/Risk id owner] then only User A got mitigation control approval request.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.