SoD Risk Analysis: CC 4.0 vs CC 5.2
We are in the process of upgrading Compliance Calibrator from 4.0 to 5.2. We have successfull exported our custom rule set from 4.0 and imported into 5.2 as well as successfully ran full sync background jobs. The data we have for 5.2 (number of rules, mitigated users, functions, risks, etc) looks good so we have begun comparison testing to ensure that we get the same results in 5.2 that we were getting in 5.2.
In terms of running SoD Risk Analysis for Users and Roles, we are getting different results in 5.2 compared to 4.0. For example, several users are showing up as having violations in 5.2 whereas they are completely clean in 4.0. There are several roles also that are completely clean when running risk analysis in 4.0 but come up as having violations in 5.2.
Does anyone know why I might be getting different results? We don't understand what we're missing - we feel good about the accuracy of everything we've uploaded into 5.2 and also feel good about our configuration settings. Why would users show violations in the new version and not the old?
And ideas/insight/information would be greatly appreciated!