Mitigated Role for Organization Rules 
Use the Role Organization Mitigation screen to assign mitigating controls to an organization rule for a role.
Prerequisites
You must first define a mitigating control before you can assign it to an organization role to mitigate an access risk.
Assigning Role Organization Mitigation
Choose
Mitigated Access 
Role Organization Mitigation 
.The Role Organization Mitigation screen opens showing a list of existing organization roles to which mitigating controls have been assigned.
Choose the Assign pushbutton.
The Role Org Mitigation window opens.
Enter information in the required fields.
(The required fields are marked with an asterisk (*).
Org. Rule ID — Select the field to enter the organization rule ID.
Access Risk ID — Select the field to enter the access risk ID.
Control ID — Select the field to enter the control ID you want to add.
Monitor — This field is automatically populated with system data after you choose the control ID.
Valid From — This is the start of the period for the mitigating control.
Valid To — This is the end of the period for the mitigating control.
Status — Choose Active or Inactive from the dropdown menu.
Choose the Add pushbutton to associate a system with the mitigating control.
Choose the Add pushbutton to associate an organization role with the mitigating control.
Choose
Submit Close .The mitigating control you assigned is included in the list on the Role Organization Mitigation screen.
Deleting Mitigating Controls from Roles
Choose
Mitigated Access Role Organization Mitigation .The Role Organization Mitigation screen opens showing a list of existing organization roles to which mitigating controls have been assigned.
Select the organization role you want to delete and choose the Delete pushbutton.
A window opens where you can confirm your decision to delete this mitigating control.
Choose the Yes pushbutton.
The mitigating control you deleted is removed from the Role Organization Mitigation screen.