on 04-15-2014 4:17 PM
Hello Friends,
I need to configure Mitigation policy in ARM to force mitigation/remediation only for High Risks. I have followed all the steps mentioned in the link , however it does not seem to be working.
Can anyone please share any configuration document or web link providing guidance on the config steps.
Regards,
Rohit Shetty
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
The Risk analysis has been set as mandatory in the MSMP Configuration.
Regards,
Rohit Shetty
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Rohit,
Manually.....
I think that is part of manual step as you have marked risk analysis mandatory, so at certain stage you are forcing risk analysis, you can specify this as manual process to perform this on risk level "High" and I guess as you might have set detaur if SoD found, so on that step you can setup manual process to consider remediation and mitigation only for High risk levels.
Automation......
If you want to automate risk level based selection, I think you will have to create a Routing rule so you can use it as detaur for condition (IF risk is "High").
I have not build this, but you can check if feasible.
BR,
Mangesh
Hi,
do you have the risk analysis as mandatory? So that it has to be run before approval?
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Ensure "Approve Despite Risk" is left unticked within the Access Request stage where a approver has to either mitigate or remove the risk prior to approval.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.