Remediation vs. Mitigation 2.0

The aim of remediation is not to suppress every conflict but to have all of them under control.

For each identified risk, there are 4 possible solutions for remediation/mitigation.


  • Modify user authorizations/roles to remove the risk.
  • Change the organization’s job roles and responsibilities matrix so that the user no longer requires the access.


  • Remove user authorizations/roles and give the user periodic access to the risk by provisioning a firefighter ID that will be appropriately monitored.
  • Create and apply the appropriate mitigating or compensating control to the risk.
