GRC - Risk manager unable to see buttons for mitigation task

mday
Tera Contributor

Our scenario is that our compliance team has created a Risk and it is owned by a standard GRC user. The assessment was taken and the response was set to mitigation. A mitigation task opened as expected and the GRC user who is assigned to the task wrote out a plan and set the task to the "Review" state. However, when the Risk Manager went to review, they did not have access to the buttons "Close" or "Back to Draft" for approving/requesting for more details about the plan.

 

I reviewed the documentation (found here: https://docs.servicenow.com/bundle/vancouver-governance-risk-compliance/page/product/grc-workspace-r...) and it says the following: 

 

Screenshot 2024-01-23 at 4.36.31 PM.png

I am confused because I opened a support ticket about this and they said that only the "assigned to" user or the owner of the risk has access to these buttons. Is it not expected that the mitigation is reviewed by the compliance manager at this stage? What is the purpose of the review state in the mitigation task?

 

Any help would be appreciated!

5 REPLIES 5

Community Alums
Not applicable

Hi @mday ,

As i mentioned earlier, it's okay as per your organization to have Compliance and Risk manager  as same. so just provide the right roles to them, the risk would go for their review.