Mitigated Users 
Use the Mitigated Users area to make new mitigated users by associating them with predefined mitigating controls individually or with blanket mitigation. Blanket mitigation allows you to mitigate access risks for several users at one time.
You can also use this feature to search for users already mitigated by association of a user and a mitigating control.
Prerequisites
You must first define a mitigating control before you can assign it to users to mitigate an access risk.
Assigning a Mitigating Control to a User
-
Choose
Mitigated Access 
Mitigated Users 
.The Mitigated Users screen appears showing a list of existing users to whom mitigating controls have been assigned.
-
Choose the Assign pushbutton.
The User Mitigation window appears.
-
Enter information in the required fields marked with an asterisk (*) on the screen..
-
Access Risk ID — Select the field to enter the access risk ID.
-
Control ID — Select the field to enter the control ID.
-
Monitor — Automatically populated with system data after you choose the control ID.
-
Valid From — Start of the mitigating control period.
-
Valid To — End of the mitigating control period.
-
Status — Choose Active or Inactive from the dropdown list.
-
-
Choose the Add pushbutton to associate a system to the mitigating control.
-
Choose the Add pushbutton to associate a user to the mitigating control.
-
Choose
Submit Close .The mitigating control you assigned is included in the list on the Mitigated Users screen.
Deleting a Mitigating Control from a User
-
Choose
Mitigated Access Mitigated Users .The Mitigated Users screen appears showing a list of existing users to whom mitigating controls have been assigned.
-
Select the user you want to delete and choose the Delete pushbutton.
A dialog box opens where you can confirm your decision to delete this mitigating control.
-
Choose the Yes pushbutton.
The mitigating control is removed from the Mitigated Users screen.