on 11-03-2014 11:05 PM
From reading other discussions, I understand that I need to add a new mitigation monitor, remove the mitigation assignments with old monitor and can then remove the old monitor from the mitigation control. But I have one question on this. When removing mitigations from previously mitigated users (no longer have SAP User ID for various reasons) do I simply inactivate these mitigations from the old SAP user ID or do I have to delete the mitigation from the user ID in order to be able to remove the old mitigation monitor assignment?
Your help on this question is great appreciated!
Cathy
Sorry that my question has not been understood. Please let me re-phrase.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Alessandro, this document is very helpful and I had already downloaded in my research on the subject, What I am confused by is this on mitigation assignments.....
Can you please comment? Thank you!
Alessandro, thank you very much!!! That is finally what I was trying to get at. To go one step further however, the only time you can use Inactive is if the mitigation is no longer required for the user. If the control is still needed, then the monitor has to be changed to another person before the old monitor can be removed. I think I have the logic on this now. Thank you again!
Has anyone tried deactivating the control for a user and then running the SoD conflicts to get the open risks and then re-assigning the mitigating control with another monitor, continuing on the date the previous record was ended. Our internal and external auditing team wants to see history of the mitigation and monitoring. But when we add the new record, same risk, same mitigating control, but a different monitor and date range, it deleted the old inactive one. Can you not keep history of who monitored this user previously?
Becki
Hi Cathy,
I guess you are making your concrrns too complex.
If your requirement is just to remove the old mitigation monitor and add the new one then simply replace.
You don't really have to do anything with the mitigation id's. In your case mitigation id would be assigned with mitigation monitor and controller so just replace the existing mitigation monitor with the new one.
Doing so would update the mitigation assignments of the mitigated users with the new mitigation monitor.
Let me know if you meant something else.
Regards,
Ameet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Cathy,
Mass maintenance for Mitigation controls is not possible as of now in GRC 10.0.
Only Mass change for mitigation assignments is possible.
1749804 - Download & Upload reports for mitigation assignments |
Mass change of Mitigation Assignments
For mass maintenance of monitors please check below discussion
Regards,
Madhu.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.