Financial Management Blogs by Members
javed_khan3
Author's LinkedIn Profile : linkedin.com/in/javedkhan0107

Purpose of the document:

Creation and assignment of Mitigation Controls in SAP GRC 12.0. This document describes the mitigation configuration process in GRC 12 Access Control in a very simple and easy way.

What is Mitigation?

Mitigation allows you to accept certain risk violations that you want to remain available to specific users or roles. This is done by creating and assigning a Mitigation Control.

Why is Mitigation required?

You can use mitigation controls when it is not possible to separate the conflicting Segregation of Duties (SoD) functions from the business process.

Use


You can use Mitigating Controls to associate controls with risks, and assign them to users, roles, profiles, or HR objects. You can then define individuals as control monitors, or approvers, and assign them to specific controls. You can also create organizations and business processes to help categorize mitigating controls.


Using the Mitigating Controls section, you can complete the following tasks:

  • Create mitigating controls (that you cannot remove)
  • Assign mitigating controls to users, roles, and profiles that contain a risk
  • Establish a period of time during which the control is valid
  • Specify steps to monitor conflicting actions associated with the risk
  • Create administrators, control monitors, approvers, and risk owners, and assign them to mitigating controls
Now we will learn how to create and assign a Mitigation.

Step 1) As a prerequisite, create the two Owners (normal dialog user IDs) in SU01 and assign them the roles below.

GRC Controller Roles under PFCG

These two users should then be maintained under NWBC > Setup > Access Owners > Access Control Owners, as below.


Assign one as Mitigation Monitor and the second as Mitigation Approver.

Owners Assignment

Now Save and Close.


 

Step 2) Now we will create the Root Organization.

Path: SPRO > GRC > Shared Master Data Settings > Create Root Org Hierarchy

SPRO Tcode

Give the name as per your requirement and execute.


 

Step 3) Now go to NWBC > Setup and maintain the data for the Root Organization.

Under NWBC

Open the Organization you created.

Details in the General and Owners tabs are compulsory.

In the Owners tab, maintain the users created in Step 1.



 

Step 4) Now we will create the Mitigation Control ID.

Go to NWBC > Setup > Mitigation Control.

Maintain the details.

Under Access Risks, enter the Risk ID that you want to mitigate. One Mitigation Control ID can be used to mitigate multiple risks.

Risk ID assignment

In the Owners tab, maintain the same two users created in Step 1, one as Approver and the other as Monitor.

Owners Assignment

The Mitigation Control ID has now been created; save and close this tab.

 

Step 5) Now we will assign this Mitigation Control ID to the user who has the risk.

Go to Mitigated User under Access Management in NWBC.

Go to the Assign tab and fill in all the required details. We have already created the Control ID, Monitor and Approver, so maintain the same values here, enter the user name that you want to mitigate, and click Save.

User Mitigation


 

 

Step 6) We may now proceed to Risk Analysis.

Maintain all required details.

Upon executing the Risk Analysis, it will show no violation.

Risk Analysis

The user is mitigated and we have achieved our goal: we have walked through the end-to-end process of Mitigation Control creation and assignment. I hope this document helps you learn the mitigation process. Please feel free to ask questions and comment if you face any issue related to mitigation or need further help; this will motivate me to create more SAP blogs.
