You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Is the Accepted RMC incident suppose to reopen if another role SoD conflict is found?

in Risk Management and Compliance 1 comment

Summary:

For example, we have an RMC incident about Role A conflicting with Role B in a user account.

Initially, we see it as business needs and decided to Accept this incident.

In the Next RMC control run, we found that Role C is added to the user account and the incident is updated to Role A conflicting with Role B and C. However, the status is still remain Accepted.

We expect the status will be changed to Assigned again and require user to review because the risk is changed.

Is our understanding on RMC status correct?

What is the Oracle suggestion here if we want to have the incident to reopen from Accepted?

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!