on 03-30-2011 2:45 PM
Hi
We have a requirement of building up a custom rule set for our organization. The current requirement is to have a central rule set across for all system and have subsequent system specific Risks identified in addition.
Scenario: Letu2019s say we have identified around 100 risks across the enterprise, however only 50 risks out of 100 risks are applicable for one system. While for the second system there are around 70 risks applicable. Finally for the third one all 100 risks are applicable.
Should we have system specific rule sets to address the above scenario or should we have a common rule set for the enterprise.
Appreciate your inputs about the approach for building up of rule set for such scenarios.
Question: With GRC 10.0, can we run risks for a system on multiple rule set IDs at one time.
Thanks.
Anjan Pandey
Hi Anjan,
most customer use a single rule set and group there physical systems into logical systems. They then generate the rules on logical system level.
In AC 10.0 it will become easier to use multiple rule sets.
Best,
Frank
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Most of the clients will prefer to go with one rule set. However System can allow create/maintain multiple rule sets.
Anyway your requirement is to have one central rule set across all systems u2013 For that, Create Logical system and maintains one Rule set is the right approach and it gives flexibility for future usage to add /remove required systems. You can maintain risks by system specific, not required to maintain multiple rule sets.
Refer GRC Access Control Effective Rule Set Design document, it gives some good explanation of Rule Set Design&typical Scenarios, Logical & Physical systems approach..etc.
Regards,
Ram
Edited by: ram komma on Apr 13, 2011 1:55 PM
Question answered..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.