on 08-31-2016 9:53 AM
Hi ,
Please let me know whether we can restrict the display of mitigation control to Owner/Approver according their region i.e is organizational Hierarchy.
Means Approver/Owner should able to view their respective region control only while mitigating the risk.
Thanks
Hi,
Mitigation Control assignment can be controlled through workflow. So, only the respective Mitigation Owner can assign, i.e only a Owner can assign Control, for whom he is the owner, and not for other Controls.
So, do not assign other role to Mit. owner except the standard ones(i think it is SAP_GRAC_MIT_CONTROL_OWNER), so that the owner can only approve workitem in Inbox.
Regards
plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Lakshmi,
I encountered a similar requirement. The list of available controls is based on the org structure hierarchy in GRC NWBC, but the list also includes the parent-org's controls. If my org structure is "Org A (parent)" --> "Org B (child)", then Org B's available controls will include Org A controls. You can try removing the organizational hierarchy relationship between the regions and their parents, and instead have each region be a top-level or second-level org.
Hope this helps!
-Ken
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.