Hi GRC Experts,
We need to exclude any medium risk while running risk analysis on the access request form and consider only High risk. So we can mitigate only the High risk and can ignore the medium risk. Appreciate for an quick response. Attached screenshot to explain this.
System details:
--------------------
SAP GRC 10.0
GRCFND_A V1000 Version:0011
Configuration details:
---------------------------
1024 - Default risk level for risk analysis - 1 (HIGH)
1071 - Enable risk analysis on form submission - YES
1072 - Mitigation of critical risk required before approving the request - YES
Regards,
Feros.