GRC Risk Analysis

madhusap
Active Contributor
0 Likes
218

Hi All,

We have a requirement where, if during risk analysis it is found that a user has requested roles with risk level HIGH, then the approver should not be able to approve or assign a mitigation control. The only option that should be available is REJECT. The client wants us to look into this requirement.

But as far as I know, in case of risks with risk level HIGH, I can define an alternate path based on risk rating, or even if the approver assigns a mitigation control, it then needs to be approved by the Mitigation owner in another stage. One more thing is to enable the option to prevent the approver from approving the request despite risks, which can be done in the stage settings.

The specific requirement is that the approver should neither approve nor be able to assign a mitigation control to the risk in case of risks with risk level HIGH.

Is there any way to achieve this?

Let me know your ideas on this requirement.

Regards,

Madhu.

Accepted Solutions (1)

Former Member
0 Likes

Hello Madhu,

I think with the help of a dummy stage you can achieve this.

Before the risk analysis stage, take the user request to a dummy stage where you set escalation after a minute and set a routing rule based on risk type. Now, after one minute at the dummy stage, the request will be automatically forwarded because of the escalation, and the request will go on two paths: path 1 for high risk and path 2 for medium and low.

In path 1, have a stage with an approver and only enable the reject option. But for the path 2 stage, enable both the approve and reject options in the stage-level settings.

Hope this helps.

Kind Regards

Asheesh

madhusap
Active Contributor
0 Likes

Hi Asheesh,

Thanks for the response. I will try this scenario in the system and will update you.

Hopefully this should serve the purpose.

Regards,

Madhu.

Answers (0)