Hi Ravi,
Thanks a lot for your insight in this.
I understand there is no difference between Business Units and Org.Units.
But, I wanted to understand why Org.Heirarchy is being used in case of mitigation controls. Why not they use business process which is being used while creating Functions and Risks.
What is the difference between Org.Hierarchy and Business Process. Why should a mitigation control be assigned to a Org.hierarchy? I doubt there should be some important benefit out of it rather than just identifying mitigation controls for different org.units.
Regards,
Sai.
