Mitigating Violations or Exceptions through a report

Note: To mitigate violations through reports, you must be a Rule Book Owner or a Business Process Owner for the respective rule book along with Business Process Owner role.
The following violation reports enable you to mitigate violations:
Insight Report
Authorizations Insight for Infor
  • Role Violations Report
  • User Violations Report
Authorizations Insight for Lawson
  • Role Violations Report
  • User Violations Report
Authorizations Insight for SAP
  • Role Violations Report
  • User Violations Report
Authorizations Insight for Oracle
  • Responsibility Violations Report
  • User Violations Report
Authorizations Insight for PeopleSoft FISCM and HRMS
  • Permission List Violations Report
  • Role Violations Report
  • User Violations Report

For example, assume that through the Role Violations report of Authorizations Insight for SAP, we mitigate violations by attaching compensating controls .

To do this:

  1. On the Reports tab of the Reports home page, click the Role Violations report on the Authorizations Insight for SAP - Rule Violation Reports panel. The Report Filters page is displayed.
  2. Provide filters.
  3. Click Run on demand to generate the Role Violations report.
  4. Click Mitigate next to a rule that has generated violations. The Mitigate Violation page is displayed.
  5. From the Mitigate Type drop-down list, select one of the reasons for mitigating violations.
    • Exclude Role/User: Mitigate the violation by excluding the object generating violations. When you select this option, the field Exclusion Expiry is displayed. Use this field to set the expiry date for the exclusion. Click the Calendar icon to select a date from the calendar or leave as Never Expires. This option is not available for selection if the violating object is from an Authorizations Insight for Infor connection.
    • Confirm corrective changes in system: Mitigate the violation by making corrective changes in the system. When you select this option, the status of the violation changes to 'Pending Close' .In this case the violation should be mitigated by making changes manually in the ERP application.
  6. Select the check box Apply compensating control to mitigate the violations by associating compensating controls. When you select this check box the field to select compensating controls appear. Type in the compensating control name in the auto suggest text box or browse and select the desired compensating control. Only the compensating controls that are already associated with the rule are displayed in the browse window. Click New to create a new compensating control to mitigate the violation. The newly created compensating control will automatically get associated with the rule.
  7. In the Comments field, provide the reason for mitigating the violation. This is an important step for capturing the full details of the remediation efforts. Provide as much information as you can about the action you have taken.
  8. Click Mitigate. The status of the violation on the Violations Browser page is changed from Under Review to Closed.
    Note: When role or responsibility violations are mitigated through violations reports by excluding the role or responsibility, the violation status on both the Violations Browser page and the Violations Report changes to 'Closed'. When a second analysis is performed and you select 'All' as an Exclusion filter on the Violations Browser page, the violation status for the excluded objects is displayed as 'Closed'. In the Violations Reports, however, you will still see the Mitigate link next to this violation. When you click on this link the status of the violation will be displayed as 'Closed'.