Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AC 5.3 RAR - combined risk analysis reports for regular auth. and SPM auth.

yudittzruya
Participant

‎05-25-2009 9:50 PM

0 Kudos

Dear All,

we have users that have regular day-today authorization and also FF authorization.

Does the Batch Risk Analysis takes into account both authorizations when doing the risk analysis for those users ? will we see it in the reports ?

Thanks

Yudit

6 REPLIES 6

Former Member

‎05-26-2009 5:41 PM

0 Kudos

If the roles assingned to those users having violation then you can see it in the risk analysis.

I mean the authorization assigned to the users are defined in the risk then it will show in the analysis.

Regards,

Sudip

yudittzruya
Participant
In response to Former Member

‎05-26-2009 6:42 PM

0 Kudos

Hi,

Thanks for the response.

let me clarify the issue :

we have a user with regular roles which in parallel was assigned to an FF id.

This FF id was assigned some other roles.

the question is if in the batch risk analysis the system checks the combination of the regular roles and roles which are assigned to the relevant FF id.

thanks

yudit

Former Member
In response to Former Member

‎05-26-2009 6:57 PM

0 Kudos

Hi Yudit,

I understand what do you want to say.

The case you are telling will come in the risk analysis, because risk analysis will be run on user level or role level.

If you run it in user level then the system will checks for the roles assigned to that user not FF ids.

Regards,

Sudip.

yudittzruya
Participant

‎05-26-2009 7:02 PM

0 Kudos

ok, so basically the answer is no, in the RAR components we do not have risk analysis for the combinations of the roles assigned to the user and to his FF ID.

in that case, at what stage does the system checks for those combined risks ?

is it checked when we manage the risk analysis phase in the CUP request that is asking to assign the FF ID to the user ?

thanks

Yudit

Former Member
In response to yudittzruya

‎05-26-2009 7:10 PM

0 Kudos

No, in that case also it wouldn't check.

Regards,

Sudip

yudittzruya
Participant
In response to yudittzruya

‎05-26-2009 7:17 PM

0 Kudos

OK,

as far as i know if we config. in the SPM the "Connector ID for Risk Analysis and Remediation" parameter to yes, it means that a risl analysis is being done.

so, when is it done ? how can i see the results ? is it for the FF ID roles only ?

thanks

Yudit