Mitigating Risks Mitigated Access allows you to manage the risks associated with access control by identifying risks, assessing the level of those risks, and assigning mitigating controls to users, roles, and profiles to mitigate access rule violations. A risk is identified through risk analysis and cannot be mitigated unless the control has been previously defined. The first step in defining or creating a mitigating control is to create a mitigating control ID. This ID appears in risk analysis reports. All risk IDs associated with the control must also be mitigated with this control. Use mitigating controls to: • Create mitigating controls that you cannot remove • Assign mitigating controls to users, roles, and profiles that contain a risk • Establish a period of time during which the control is valid • Specify steps to monitor conflicting actions associated with the risk • Create administrator, control monitors, approvers, and risk owners and assign mitigating controls to them.
Posted on: Sat, 10 Jan 2015 08:55:22 +0000
Trending Topics
Recently Viewed Topics
© 2015