Show TOC

Function documentationMitigated Profiles Locate this document in the navigation structure

 

Use the Mitigated Profiles screen to assign mitigating controls to a profile.

Prerequisites

You must first define a mitigating control before you can assign it to a profile to mitigate an access risk.

Assigning a Mitigating Control to a Profile
  1. Choose   Mitigated Access   Mitigated Profiles  .

    The Mitigated Profiles screen appears showing a list of existing profiles to which mitigating controls have been assigned.

  2. Choose the Assign pushbutton.

    The Profile Mitigation screen appears.

  3. Enter information in the required fields.

    (The required fields are marked with an asterisk (*).

    • Access Risk ID — Select the field to enter the access risk ID.

    • Control ID — Select the field to enter the control ID you want to add.

    • Monitor — This field is automatically populated with system data after you choose the control ID.

    • Valid From — This is the start of the period for the mitigating control.

    • Valid To — This is the end of the period for the mitigating control.

    • Status — Choose Active or Inactive from the dropdown list.

  4. Choose the Add pushbutton to associate a system to the mitigating control.

  5. Choose the Add pushbutton to associate a role to the mitigating control.

  6. Choose   Submit   Close  .

    The mitigating control you assigned is included in the list on the Mitigated Profiles screen.

Deleting a Mitigating Control from a Profile
  1. Choose   Mitigated Access   Mitigated Profiles  .

    The Mitigated Profiles screen appears showing a list of existing profiles to which mitigating controls have been assigned.

  2. Select the profile you want to delete and choose the Delete pushbutton.

    A window appears where you can confirm your decision to delete this mitigating control.

  3. Choose the Yes pushbutton.

    The mitigating control you deleted is removed from the Mitigated Profiles screen.