on 03-02-2015 2:55 PM
Hello Everyone,
I am working on SoD conflicts analysis and remediation on GRC 5.3. I have come across a very weird situation. I got two users with unmitigated SoD conflicts.When I pulled the RAR report on Org. Level, I found two org. values(Org. rule) as "NA".I cannot see any role modification as well.Can anyone tell why the unmitigated SoD conflicts is coming for the users?
1. I have checked the validity for the Mitigation control
2. I have checked whether mitigation is assigned to the risk or not
3. I have checked the role modification as well
Hi Harinam and Alessandro,
I am having one risk analysis report for the user with unmitigated SoD conflicts. I just want to know why unmitigated SoD conflicts are coming for the user.
Please find the below example: The org rule is coming NA for the user. It mean the org values are not maintained in the GRC it seems. Can you please throw some light on it. I will proceed further once I am clear to you. Do you need more information?
User | Risk | Risk | Risk Level | Business Process | Organization Rule | Mitigation Control | Comments |
Vaibhav | M4_MB30 | O2C212 Sales Pricing Condition - O2C207 Customer MD | B (High) | Order to Cash | M4_NA | Not assigned | IT User, Mitigation not assigned |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is "NA" an actual org value or something else like a error?
May be a good idea to share some screenshots.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the Response Harinam
"NA" is the org value which is not maintained.
We got the reason for the unmitigated SoD conflicts for the user. Org values are not maintained for few org levels, that is why the unmitigated SoD conflicts are coming for the user.
But now there is a new challenge in it. We have to provide the org. values for the particular org levels.
This will resolve the issue. But we don't know how to find out the correct org values for the org levels.
Can you please help?
Regards,
Rahul
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.