GRC - delegation of Control/Risk assesments

martinkruml
Tera Guru

Hello all,

 

I've been trying to find any solution or guides and tips, if it's even possible...

 

I have a request, that as GRC user, i want to be able to delegate my assigned controls to other users, so that delegated person can take over the job in absence or to reassign controls to the delegate to divide the workload.

 

 

So far, for this, I have found an article referring to Risk Assesments (Assessors), but have found nothing for Control Assesments.

 

Any tips how to handle this criteria?

1 ACCEPTED SOLUTION

Community Alums
Not applicable

Hi @martinkruml ,

Anyone who has "sn_grc.business_user" role can take attestation.

Now, let's say i have logged in as user who has "sn_grc.business_user" role, i have "assigned to" field editable OOTB, so if i want to assign it to some other user i can just simply change the assigned to and then the other new assigned to user can take the attestation:

Native UI:

SandeepDutta_0-1724219454566.png

 

Compliance Workspace:

SandeepDutta_1-1724219596728.png

 

Note:

Make sure whom you are assigning the attestation they should also have "sn_grc.business_user" role.

OOTB there is no email gets triggered for re-assignment, which you can create a new notification for the same.

 

 

View solution in original post

4 REPLIES 4

Community Alums
Not applicable

Hi @martinkruml ,

Anyone who has "sn_grc.business_user" role can take attestation.

Now, let's say i have logged in as user who has "sn_grc.business_user" role, i have "assigned to" field editable OOTB, so if i want to assign it to some other user i can just simply change the assigned to and then the other new assigned to user can take the attestation:

Native UI:

SandeepDutta_0-1724219454566.png

 

Compliance Workspace:

SandeepDutta_1-1724219596728.png

 

Note:

Make sure whom you are assigning the attestation they should also have "sn_grc.business_user" role.

OOTB there is no email gets triggered for re-assignment, which you can create a new notification for the same.

 

 

Hello @Community Alums 

 

Thanks for a tip! I am now wondering, as customer's wish is to minimize a work on this, if there's some other minimalistic way, instead of assigning role to bunch of people, I guess, you could create a group for it and make it easier, but is it really the only way?

Community Alums
Not applicable

Hi @martinkruml ,

You can cerate a Group called "Business users" assign the  "sn_grc.business_user" role to that group and then add the required members to the group.

 

Hi  @Community Alums ,

 

Are you sure with the 'sn_grc.business_user' the assigned to field is editable?

I couldn't edit the 'Assigned to' field for a user with this role  and its read only.