Hello
Does anyone know if a function / risk / mitigating control approver should be able to modify the request prior to their approval? I saw a couple different things when testing (detailed below) so I wanted to get clarification.
RISK APPROVAL
As the risk approver, I noticed that the add/remove buttons were available for me to modify the functions assigned to the risk. I tried to remove AND add a function to see if the request would be updated to reflect the changes made by the risk approver. However, after approval, the changes are not taken into account and only the changes in the original request are reflected in the updated risk. Unlike ARM, there is no stage or task setting to allow for addition / removal of functions nor do I see a related configuration parameter so I'm not sure where this functionality is coming from.
FUNCTION APPROVAL
Unlike risk approval, the add/remove buttons are not visible for the function approver to modify the existing request.
MITIGATING CONTROL
Similar to the function approval screen, the mitigating control approval screen has the add/remove buttons but they have been greyed out so no changes can be made.
