cancel
Showing results for 
Search instead for 
Did you mean: 

Critical Permission Risks Not Displaying in Risk Analysis

TiffanyHerring
Explorer
0 Kudos

All,

I've configure the below critical permission risk in our GRC system.  The risk has one function. 

Below is the configuration for the function.  The function doesn't have any actions.  It has permissions only.

When I run Risk Analysis at the user level, I don't get any results and I don't know why.  I've completed a full sync for the connector and the configuration appears to be working properly.  The only thing I can think of is in the role, the P_ORGINCON authorization object has '*' in all fields, but this shouldn't be an issue. 

Please help.

Accepted Solutions (0)

Answers (2)

Answers (2)

con-nallar
Discoverer
0 Kudos

Hi All

Any risks are not showing in risk analysis for User or Role, please check any role is defined as critical role.

if we define any role as critical, then it will over rule all risks and it will show in critical role/profile tab that role.

after you remove/inactivate that role you will see all the risks in that role and if any combinations.

if you check that defined critical role for Role risk analysis you will not see any risks or no violations, only it will show as critical role/profile.

Regads

Ravinder Nalla

alessandr0
Active Contributor
0 Kudos

Hi Tiffany,

did you generate the rules after you created the critical permission risk? Is it attached to a rule set? We can't see that from the screenshots you shared. Apart from that it looks fine.

Regards,

Alessandro

TiffanyHerring
Explorer
0 Kudos

Hi Alessandro,

The risk was generated and attached to a ruleset.

former_member193066
Active Contributor
0 Kudos

Hi,

just run only selecting critical permission.. i guess your are on 10.1

Regards,

Prasant