Show TOC

Function documentationRules in Risk Analysis and Remediation Locate this document in the navigation structure

 

Rules in Risk Analysis and Remediation are logical constructions composed of a circumstance or condition, and the appropriate response to that condition.

This construction is commonly represented as an If-Then pair.

Example

If an employee in my company has permission to both create a vendor and also authorize payment to a vendor, Then the employee has been granted conflicting roles that pose a high risk.

The previous example is a Segregation of Duties (SoD) risk. You must define the risk. Risk Analysis and Remediation generates the rules to identify it.

More Information

Rule Generation

Rule Viewing and Updating

Rule Set Management

Rule Library Metrics

Organization Rules