Hi All,
We're implementing GRC 10.0 Access Controls.
The dashboard reports include output for all rules; including SOD rules and sensitive/critical action rules. We would like to exclude the sensitive/critical actions from the dashboard reports. We only want the dashboards to show SOD conflicts.
What is the best way of achieving this?
Our initial thought is to build two separate rulesets – one for SOD rules and one for critical actions. We will then set the SOD ruleset as the default ruleset in the AC settings, and rerun the batch risk analysis job.
Also, is it possible to generate pie charts for the individual business processes? The “Risk Violations” dashboard shows a bar chart, but when we click on any of the business processes, a table listing violations is generated.
Any guidance would be much appreciated.
Thank you!