Remediation vs. Mitigation 1.0

Remediation: Actions taken to eliminate an identified risk. Typical SAP remediation activities include, but not limited to:

  • Simple Security Roles Modifications
  • Functional Activity Groups Modifications
  • Updating SoD Risk
  • Creating New SoD Risks
  • Updates to Functions
  • Creation of New Functions
  • Updates to Actions
  • Restricting Users Access

Mitigation: Actions taken to monitor risks which cannot be remediated. Mitigation is a less desirable action due the costs associated with the maintenance, execution and traceability requirements of the mitigating control.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s