To create a mitigating control:
Navigate to
.The Create Mitigating Controls screen opens.
In the Mitigating Control ID field, enter a unique alphanumeric identification for the mitigating control ID.
In the Short Description field, enter a short description for the mitigating control.
In the Business Unit dropdown list, select a business unit. The dropdown list displays all business units that you previously created with the Business Units screen.
In the Management Approver field, select the appropriate approver.. The dropdown list displays the approvers that are associated with the business unit you entered in the preceding step.
In the Associated Risks tab, choose the plus icon to add a risk ID to the mitigating control.
In the Monitors tab, choose the plus icon to add monitors to the mitigating control. The dropdown list displays the monitors that are associated with the business unit.
Note
You must create an Administrator role before you can assign the administrator to a business unit.
In the Reports tab, choose the plus icon to add systems, actions, descriptions, monitors, and frequencies.
Choose Submit.
Note
Mitigating Control supports workflow. The Submit choice indicates that workflow for Mitigating Control Maintenance is enabled. The control approver is notified through a workflow task. When the control is approved, the mitigating control changes are saved. The control must be approved to be available for assignment.