SAP GRC Tutorial
SAP GRC Useful Resources
Selected Reading
- SAP GRC - Creating Business Rules
- Data Sources and Business Rules
- Installation and Configuration
- SAP GRC - Workflow Integration
- Assigning Mitigation Controls
- SAP GRC - Enhanced Risk Analysis
- SAP GRC - Implementing Superuser
- SAP GRC - Superuser Privilege
- SAP GRC - Mitigation Controls
- SAP GRC - Risk Remediation
- SAP GRC - Risk Management
- SAP GRC - SoD Risk Management
- Process Control Work Centers
- SAP GRC - Audit Universe
- SAP GRC - Integration with IAM
- Integration with Access Control
- Access Control Launchpad
- SAP GRC - Authorization
- Access & Authorization Mngmt
- Access Management Work Center
- SAP GRC - Access Control
- SAP GRC - Navigation
- SAP GRC - Overview
- SAP GRC - Home
SAP GRC Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
Assigning Mitigation Controls
SAP GRC - Assigning Mitigation Controls
In an organization, you have control owners at different organization hierarchy levels. Risk should be managed and mitigated as per level of access.
The following are the control owners in an organization −
One control owner for global level
Different control owners for regional levels
Multiple control owners for local level
You have to assign mitigation controls to different levels of responsibipty. Now if there is a risk violation at region and local level, you should perform risk mitigation at highest level.
To use mitigation control at organization hierarchy, let us say you have performed risk analysis at organization level and the user violates all child organization rules and meets the condition of parent rule and only parent rule shows up; you can perform risk mitigation in the following ways −
Mitigation on user level
Mitigation on organization level