on 04-23-2015 2:20 PM
Dear all.
I am considering to mitigate at user group level in GRC. That means for example for all the users related to user group: GROUP_A i want to mitigate an specific or all the risks. Is this feasible in GRC?
Is it also possible to mitigate at Business Unit / Organization level?
Kind regards and thank you.
Sara.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Sara,
mitigations are generally done on user, role or profile level. Additionally you can mitigate on HR objects which might be a solution for you. Mitigation on HR objects means you can assign mitigating controls to positions, jobs or org units.
If your users in GROUP_A belong to a specific organization unit you can consider defining a mitigation for that org unit with the help of HR object mitigation. Directly mitigating on user group is not possible with the current solutions available.
Hope this helps.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.