Hi together,
If we run the riskanalysis in CUP on a stage, we received all risks for the user.
But there I have a question: Why is there shown for one risk the responsible role and for another risk not?
E.g.:
A role "XY" is a critical role by itself (risk1). The role "Z" isn't, but in combination with the role "J" there is a SoD(risk2).
In the tab "risks for mitigation" there is shown the information for the risk1 and risk2.
But for the risk2 it is also shown the responsible roles regarding the SoD.
The specific risk1, because of the critical role "XY", doesn't show the role in the overview.
Has anybody an idea?
Thanks a lot.
Alexa