Hi Sankar

You can only mitigate the role/profile; the user; or a HR object

Extending Andreas' comment, you will need to define a function that contains the authorization you deem critical (function does not require an action) and then add it to a critical action risk and assign that risk to your rule set.

When you complete SoD analysis, the users with that Critical Action will flag and then you can mitigate them

Regards

Colleen

Hi Sankar,

before mitigation you need a risk. Create a risk (critical auth. xy) and an associated funtion or adding that sensitive object to an exiting risk/function. Afterwards you can mitigate that risk/or even the rule ID pointing add that particular auth. object.

Cheers,

Andreas