on 07-07-2016 2:06 PM
Hello All,
Could you please help me on this setting, We are on GRC 10.1 SP level 13.
Risk owner should be able to mitigate their own risks but not others.
For Example - In the access requests we have got 4 risks P001,P002, S001, S002.
For P001, P002 risk owner is ZPOWNER and for S001, S002 risk owner is ZSOWNER.
At the Risk owner stage, request is waiting for approval ZPOWNER and ZSOWNER. Approval type is set to "All Approvers"
But here ZPOWNER is mitigating all the risks (Were ZPOWNER is not the risk owner for risks S001 and S002) and request is getting closed.
System should only allow risk owner ZPOWNER to mitigate risks P001,P002 and risk owner ZSOWNER should mitigate only S001, S002 risks.
Could you please advise, how do we restrict such cases. Risk owners should be able to mitigate their own risks but not others.
Thanks in advance.
Regards,
Abhi
Dear Abhi,
how did you restrict the authorizations? GRAC_RISK and GRAC_MITC?
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Alessandro,
Thanks for your time and reply on this.
I have checked the objects GRAC_RISK and GRAC_MITC except activity field all other fields are maintained are "*". Screenshot below.
Based on your reply, i guess we need to restrict field GRAC_MITC in object GRAC_MITC.
Please provide your suggestion on this to over my issue.
Thanks in advance.
Regards,
Abhi
Hi,
I think Risk Owners are approving at SOD violation stage. if so, could you implement Note: 1670504. Then you can route Risks to their respective owners, and not to Owners of other Risk ids. So, could you provide the Agent id used by you, for Approval of Risk.
Regards
Plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi All,
Can any one able to advice me on this please.
Thanks in advance.
Regards,
Abhi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.