on 09-15-2016 3:25 PM
All,
I've configure the below critical permission risk in our GRC system. The risk has one function.
Below is the configuration for the function. The function doesn't have any actions. It has permissions only.
When I run Risk Analysis at the user level, I don't get any results and I don't know why. I've completed a full sync for the connector and the configuration appears to be working properly. The only thing I can think of is in the role, the P_ORGINCON authorization object has '*' in all fields, but this shouldn't be an issue.
Please help.
Hi All
Any risks are not showing in risk analysis for User or Role, please check any role is defined as critical role.
if we define any role as critical, then it will over rule all risks and it will show in critical role/profile tab that role.
after you remove/inactivate that role you will see all the risks in that role and if any combinations.
if you check that defined critical role for Role risk analysis you will not see any risks or no violations, only it will show as critical role/profile.
Regads
Ravinder Nalla
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tiffany,
did you generate the rules after you created the critical permission risk? Is it attached to a rule set? We can't see that from the screenshots you shared. Apart from that it looks fine.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.