Updating Mitigation Monitor with new individual

Former Member
0 Kudos

From reading other discussions, I understand that I need to add a new mitigation monitor, remove the mitigation assignments with old monitor and can then remove the old monitor from the mitigation control.  But I have one question on this.  When removing mitigations from previously mitigated users (no longer have SAP User ID for various reasons) do I simply inactivate these mitigations from the old SAP user ID or do I have to delete the mitigation from the user ID in order to be able to remove the old mitigation monitor assignment?

Your help on this question is greatly appreciated!

Cathy

Accepted Solutions (1)

Former Member

Sorry that my question has not been understood.  Please let me re-phrase.

  • All mitigation assignments with a specific mitigation monitor must be removed in order to delete that mitigation monitor from the mitigation control. 
  • When removing mitigation assignments from users, do I inactivate the mitigation assignment or do I have to delete it?
  • Goal is to remove the mitigation monitor from the mitigation control.

alessandr0
Active Contributor
0 Kudos

Hi Cathy,

my document does answer all your questions:

To remove a mitigation completely just remove the line in Excel and upload the file.

Please let us know if you need more details.

Regards,

Alessandro

Former Member
0 Kudos

Alessandro, this document is very helpful and I had already downloaded it in my research on the subject. What I am confused by is this on mitigation assignments...

  • Go to Mitigated User
  • Open one user
  • You can now change the mitigations listed from Active to Inactive.  I am guessing that if I just change to Inactive, this would still cause a problem when I try to remove an old monitor.  It would still show as the Monitor Mitigated as in your error message contained in the document.  Am I correct?
  • If this is correct, then what is the purpose of the Inactive status for mitigations?

Can you please comment?  Thank you!

alessandr0
Active Contributor
0 Kudos

Hi Cathy,

that's not correct. If a mitigation is inactive the monitor can be removed from the mitigating control (only if all the mitigations are inactive). Hence you have the history available in the system (that's also the purpose).

Does that answer your question?

Regards,

Alessandro

Former Member
0 Kudos

Alessandro, thank you very much!!!  That is finally what I was trying to get at.  To go one step further however, the only time you can use Inactive is if the mitigation is no longer required for the user.  If the control is still needed, then the monitor has to be changed to another person before the old monitor can be removed.  I think I have the logic on this now.  Thank you again!

alessandr0
Active Contributor
0 Kudos

Exactly - to change to another person my document is very helpful as it shows how mass change can be done. Within the GUI you are only limited to perform such changes.

Have fun 🙂

Regards,

Alessandro

Former Member
0 Kudos

Has anyone tried deactivating the control for a user and then running the SoD conflicts to get the open risks and then re-assigning the mitigating control with another monitor, continuing on the date the previous record was ended? Our internal and external auditing team wants to see history of the mitigation and monitoring. But when we add the new record, same risk, same mitigating control, but a different monitor and date range, it deleted the old inactive one. Can you not keep history of who monitored this user previously?

Becki

Answers (2)

Former Member
0 Kudos

Hi Cathy,

I guess you are making your concerns too complex.

If your requirement is just to remove the old mitigation monitor and add the new one then simply replace.

You don't really have to do anything with the mitigation IDs. In your case the mitigation ID would be assigned with mitigation monitor and controller, so just replace the existing mitigation monitor with the new one.

Doing so would update the mitigation assignments of the mitigated users with the new mitigation monitor.

Let me know if you meant something else.

Regards,

Ameet

madhusap
Active Contributor
0 Kudos

Hi Cathy,

Mass maintenance for Mitigation controls is not possible as of now in GRC 10.0.

Only Mass change for mitigation assignments is possible.

1749804 - Download & Upload reports for mitigation assignments

Mass change of Mitigation Assignments

For mass maintenance of monitors please check below discussion

Regards,

Madhu.