SAP GRC: How does Mitigation Monitoring work?

Former Member
0 Kudos

Hello All,

I am trying to learn the processes related to mitigation control monitoring. I understand a control requires an approver and a monitor. So what functions does the mitigation monitor perform?

I'm interested in any reports that need to be working that would be employed by the monitor. Is there an enforcement mechanism, logging or reporting when the monitor runs related reports on mitigating controls? Also, is there available documentation on this process?

All information on this topic is welcome.

Thanks!

Jamie

Accepted Solutions (0)

Answers (1)

former_member193066
Active Contributor
0 Kudos

Well, a simple one you can get in NWBC > setup > OWNER.

When you maintain the mitigation monitor, see the description. It gives the use of the position.

Regards,

Prasant

Arif1
Active Participant
0 Kudos

Hi,

When you create a new mitigation control for any risk, you need to add a Mitigation monitor and mitigation control, and you need to assign a report in the action tab and need to set the frequency value, that is, how frequently the monitor will get the report.

Thanks,

Arif

former_member193066
Active Contributor
0 Kudos

Mitigation Monitors: Mitigation Monitors are assigned to controls to monitor activity and may receive control monitor alerts.

Mitigation Approvers: Mitigation Approvers are assigned to controls and are responsible for approving changes to the control definition and assignments when workflow is enabled.

The control monitor will receive an e-mail only when something is changed within the mitigating control. For example: you have changed the risk, or added or removed some risk from the mitigating control.

Regarding the functionality of the "report" which is maintained in the reports tab of the mitigating control, the e-mail is sent to the approver if the control monitor does not run that report at the frequency mentioned.

The setting to send notifications is in GRAC_ALERT_GENERATION, check box "Send Notification". Are the alert mails generated?

Regards,

Prasant

Former Member
0 Kudos

Prasant,

Thanks for your information. With regard to the "report", are there standard reports that are used? Are these defined in the action field in the reports section of the control?

Thanks

Jamie

former_member193071
Participant
0 Kudos

Hi Prasant,


I have a concern with regard to the report; please clarify my query.

As you said, "Reports" which are maintained in the reports tab of the mitigating control will trigger an e-mail to the Mitigation approver if the control monitor does not run that report within the frequency mentioned.

My query:

Does GRC AC have the functionality to check in the back-end system whether the control monitor executed the report or not within the maintained frequency? I think this functionality is available in PC. Could you please clarify this part for me?

Regards,

Kesava

Former Member
0 Kudos

A follow-on question to this discussion. Can you assign more than one Mitigation Monitor and select the appropriate monitor based on the business unit where mitigation is being assigned to a user?

Regards,

Cathy

former_member184114
Active Contributor
0 Kudos

Kesava,

I have noticed that the Mitigation Approver keeps receiving email notifications on a timely basis (per the frequency defined in the mitigation control) for the mitigation control he is responsible for.

I am not sure if the system will check whether the Monitor has failed to execute the report within the defined frequency.

Also, I noticed that the Monitor has not received any email notification if the Mitigation Control (where the Monitor is defined) is modified.

I believe we still need some more information on the application behavior for this.

Hope somebody would reply.

Regards,

Faisal

0 Kudos

Hi Faisal,

Did you get help on this? I'm facing the same problem.

The approver still receives the notification even if the monitor executed the report in the defined frequency.

Regards,

Lynette