Keep existing controls when closing a recommendation.
When performing a risk analysis, the user should evaluate the vulnerability level and justify it by listing the existing controls.
In case the risk is too high, the user will want to reduce it by defining some recommendations. Then when the recommendations will be implemented, the user will close them.
The issue here is that Monarc will delete, in the risk analysis, the previously existing controls, whereas the new controls might be implemented on top of the older ones.
So the possibility should be given to the user to:
- Either keep the previous controls and add the new ones
- Or delete the previous controls and replace them by the new ones
Thanks
Keep existing controls when closing a recommendation.
When performing a risk analysis, the user should evaluate the vulnerability level and justify it by listing the existing controls.
In case the risk is too high, the user will want to reduce it by defining some recommendations. Then when the recommendations will be implemented, the user will close them.
The issue here is that Monarc will delete, in the risk analysis, the previously existing controls, whereas the new controls might be implemented on top of the older ones.
So the possibility should be given to the user to:
Thanks