Cyber GRC Ideas Portal
Status Cannot be considered in the Roadmap
Workspace IT and Cyber Risk
Created by Guest
Created on Jul 13, 2017

Risk Register Visibility Rules should follow GRCf activities for viability of Risk Assessment reports

Risk Register Report Visibility Issue - Cleanest option recommended by MetricStream product team.

Trackr raised: 289326

Risk Assessments will only appear when the appropriate activities are added to the user role. The logic will apply here:

‘GRC – View All GRC Objects’ – View Risk Assessments for Assessable Entities irrespective of whether the user’s Organisation is the Owner Organisation or Applies To

‘GRC – View GRC Object’ – View Risk Assessments for Assessable Entities where the user’s Organisation is the Owner Organisation or Applies To

‘GRC – View All Asset’ – View Risk Assessments for Asset content irrespective of the Organisation owning the Content or Applies To.

‘GRC – View Asset’ – View Risk Assessments for Assets where the user’s Organisation is the Owner Organisation or Applies To

A combination of either singular activity with ‘RSK – View Risk Assessment’ would allow Organisation and Applies To filtering of the risk register report.

Roll up functionality would still remain in place, i.e. parent organisations would be able to see risk assessments for Assets that belong to child organisations.

I have attached the email details, and the recording where this was discussed with the product team is attached below:

Risk Register Visibility rules-20170706 0905-1

Thursday, July 6, 2017

10:05 am  |  GMT Summer Time (London, GMT+01:00)
Play recording (11 min 24 sec)
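
The visibility rule proposed in this request, written out as an added Python sketch (not part of the original post and not MetricStream code). The activity names are taken from the request; the `Assessment` record, the `kind` labels, the `parent_of` map, requiring ‘RSK – View Risk Assessment’ in every case, and applying roll-up to Applies To organisations and to Assessable Entities as well as Assets are assumptions.

```python
from dataclasses import dataclass

# Activity names exactly as written in the request.
VIEW_RA = "RSK – View Risk Assessment"
# kind -> (unrestricted activity, organisation-scoped activity); kind labels are assumed.
RULES = {
    "entity": ("GRC – View All GRC Objects", "GRC – View GRC Object"),
    "asset": ("GRC – View All Asset", "GRC – View Asset"),
}

@dataclass(frozen=True)
class Assessment:  # hypothetical record, not the product's data model
    kind: str
    owner_org: str
    applies_to: frozenset = frozenset()

def in_scope(org, user_org, parent_of):
    """True if org is user_org or one of its descendants (roll-up)."""
    seen = set()
    while org is not None and org not in seen:  # 'seen' guards against cyclic data
        if org == user_org:
            return True
        seen.add(org)
        org = parent_of.get(org)
    return False

def can_view(activities, user_org, ra, parent_of):
    """Decide whether a risk assessment shows up in the user's risk register report."""
    if VIEW_RA not in activities or ra.kind not in RULES:
        return False  # assumption: default deny without the RSK activity
    view_all, view_scoped = RULES[ra.kind]
    if view_all in activities:
        return True  # irrespective of Owner Organisation / Applies To
    if view_scoped not in activities:
        return False
    orgs = {ra.owner_org, *ra.applies_to}
    return any(in_scope(o, user_org, parent_of) for o in orgs)

# Constructed sample hierarchy: child -> parent.
PARENT_OF = {"UK": "Group", "London": "UK", "US": "Group"}
```

A check like this is also a convenient place to test the negative cases: an entity activity must not expose Asset assessments, and a child organisation must not see its parent's records.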

  • Bhavya Rajendra
    Aug 20, 2017

    Beena - Since this is a core key capability of the risk module, this needs to be tracked under RSK.

    Once this is built from RSK, it will automatically be leveraged within the IT-Risk app.

    Could you please have this raised for the RSK module?