cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Mitigation at User Group / Business Unit

Former Member

on ‎04-23-2015 2:20 PM

0 Kudos

Dear all.

I am considering to mitigate at user group level in GRC. That means for example for all the users related to user group: GROUP_A i want to mitigate an specific or all the risks. Is this feasible in GRC?

Is it also possible to mitigate at Business Unit / Organization level?

Kind regards and thank you.

Sara.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

madhusap
Active Contributor
‎04-23-2015 2:45 PM
0 Kudos

Hi Sara,

Is it possible to make use of Supplementary Rule where you can include/exclude particular Risk ID for few users based on their User Group which is different from mitigation process ?

Regards,

Madhu.

Show replies
Show replies
alessandr0
Active Contributor
‎04-23-2015 2:36 PM
0 Kudos

Dear Sara,

mitigations are generally done on user, role or profile level. Additionally you can mitigate on HR objects which might be a solution for you. Mitigation on HR objects means you can assign mitigating controls to positions, jobs or org units.

If your users in GROUP_A belong to a specific organization unit you can consider defining a mitigation for that org unit with the help of HR object mitigation. Directly mitigating on user group is not possible with the current solutions available.

Hope this helps.

Regards,

Alessandro

Show replies
Show replies
Former Member
‎04-24-2015 7:06 PM
0 Kudos

Hi Alessandro.

Thanks for your explanation.

How do i indicate to which org.unit the users belongs to? Do i have to use the GRC Org structure?

How do i assign the mitigation control to de Organization? In the example i show i cannot see any element under the Object ID.

Kind regards and thank you.

Sara.

Ask a Question