Skip to Content

Different risk popping up for different user on same roles.

Dear All,

When I am doing risk analysis on user level for two users having simillar roles there are two different access risk ID popping up for simillar roles.

Any problem with risk rule setup?

Regards,

Abhisshek

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Nov 24, 2014 at 01:25 PM

    Abhisshek,

    did you run the sychronization jobs for users and roles? Could be that the information is not up to date.

    Can you show us some printscreens from the risk analysis so that we can check ourself?

    Thanks and regards,

    Alessandro

    Add comment
    10|10000 characters needed characters exceeded

    • Abhisshek,

      the risk might be a combination of authorization objects that are in several roles. Means that based on your rule set and definition of the function it shows as risk. Therefore I asked for detail report where we can see all the authorization objects and its relationship to the roles.

      ps. Can you please follow me so that I can send you a private message.

      Regards,

      Alessandro

  • avatar image
    Former Member
    Nov 24, 2014 at 12:49 PM

    Hi Abhisshek,

    You can check the detailed Risk Analysis report. For which role ,risks are appearing and then further

    you can come to some conclusion. ideally if both have same access , risk ids should be similar. But in

    case user A have access to additional system compared to User B ,It might show up another risk id.

    Thanks,

    Mamoon

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 24, 2014 at 04:31 PM

    why don't you check in the back-end system if the user comparison is done or not? If yes, then try troubleshooting in Quality by assigning them same roles and perform risk analysis.

    Also,

    try running Risk analysis at role level and make sure the data is same for all the roles.

    Add comment
    10|10000 characters needed characters exceeded