08-16-2016 4:41 PM
Hi,
I changed a SOD risk ID level from "HIGH" to "LOW" but in user level risk analysis and in mitigation control the risk is still showing up as "HIGH".
I regenerated the ruleset but issue is still persisting.
Attached is the screenshot.
08-17-2016 5:31 AM
Hi,
Could you verify after removing Risk id from your Mitigation Control, and then re-adding it.
I am trying to search for a note on this error.
Regards
Plaban
08-17-2016 1:11 PM
For mitigation control we can do this and it will resolve the issue but in User analysis also it showing wrong risk level.
Also we are trying to find out root cause to avoid it.
08-17-2016 8:24 AM
Dear Customer,
Kindly implement the note 2093348 and then test the scenario.
Thanks & Regards
Japneet
08-17-2016 1:07 PM
We are at GRC 10.1 SP 12 hence this note is not applicable. This note is applicable till 10.1 SP 08.
08-17-2016 1:13 PM
Rajesh Sah wrote:
We are at GRC 10.1 SP 12 hence this note is not applicable. This note is applicable till 10.1 SP 08.
Rajesh,
That is why those details are among the *required* information in this space, so that you avoid wasting the time of people who are kind enough to try to help you. Please review the Minimum Information required document for your future reference.
Thanks,
Gretchen Lindquist
Space Moderator
08-17-2016 1:49 PM
08-17-2016 9:12 AM
Hello Rajesh Sah,
Try to remove the Risk Id and add it again to the mitigation control as sahoo mentioned as the image 3333.jpg suggest that the risk id level that you changed is not updated since the updated on column shows date in the year 2015.
Try executing Authorization Synch. job and re-generate the rules again.
Regards,
Rakesh Ram M
08-17-2016 1:13 PM
Authorization synch & re-generation all done. . Issue still persist in user level risk analysis.