Risk Violations Tab

 

Before approving an access request, we recommend that you perform a risk analysis on the request. This analysis can reveal potential separation of duty (SoD) violations and conflicts of interest that might arise from the assignment of new roles to a user who already has existing roles.

By performing risk analysis during access approval, you can check prospective requests for compliance and audit exposure. You can do risk analysis before or after you assign roles to an access request. Your system administrator can also make risk analysis a mandatory procedure at a given work stage.

After you run Risk Analysis, the system displays any risks that it finds on the Risk Violations tab. Here, you can expand the risk ID to check risk by product. For any risk violations that the system finds, you can either:

  • Mitigate the conflicts

  • Perform advanced analysis

Activities

Follow the steps below to run a risk analysis:

  1. From the Request Number - General Information page, choose the Risk Analysis pushbutton.

    The system starts the analysis and displays the Risk Analysis screen when it is finished. Below is a description of the elements on the Risk Analysis screen:

    | Screen Section | Description |
    |---|---|
    | Select System | Choose System if you want to perform risk analysis for one particular system or for all systems. Choose Advance View if you want to pick and choose among the systems for which you perform risk analysis. |
    | Roles/Profiles | These are the roles and profiles that are currently requested as part of the access request. |
    | Simulate | Use Simulate to recalculate the risk violations if you make a change to the role assignments. Simulate checks the risk violations that are associated with the user's current role assignment plus any new role assignments in the access request. |
    | Risks for Mitigation | The Risks for Mitigation tab lists the risks that were identified during the analysis and that must be mitigated before approval, depending on the configuration. To the left of each risk is a plus icon that you can select to see the details of each risk identified. From here, you can choose Mitigate to perform mitigation on any risks. If Critical Access risks must be mitigated before approval, they are listed here. Otherwise, they are listed on the Critical Access Risks tab, for your information only. |
    | Critical Access Risks | Critical Access Risks are defined in Risk Analysis and Remediation. These are powerful transactions that should not be made available to general users because of security risks. When you perform Risk Analysis, the Critical Access Risks tab displays any critical transactions to which the roles and profiles have access. |

  2. When you have finished all the risk analyses, choose Continue to return to the Request Number - General Information screen.
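
The following added example, which is not part of the original documentation or of the product, models the check that Simulate describes: rules are evaluated against the user's current roles plus the requested roles, and each finding is marked as new when the request introduces it. The role names, actions, risk IDs, and the rule model (a risk fires when one user holds every listed action) are assumptions constructed for illustration.

```python
# Constructed sample data; none of these names come from a real ruleset.
ROLE_ACTIONS = {
    "AP_CLERK": {"create_vendor", "display_invoice"},
    "AP_PAYMENTS": {"post_payment", "display_invoice"},
    "USER_ADMIN": {"maintain_users"},
}
# SoD risk (assumed model): fires when one user holds every action in the set.
SOD_RISKS = {"R001": {"create_vendor", "post_payment"}}
# Critical access risk: a single powerful action is a finding on its own.
CRITICAL_RISKS = {"C001": {"maintain_users"}}


def violations(roles, ruleset):
    """Map each triggered risk ID to the sorted roles that contribute to it."""
    unknown = set(roles) - set(ROLE_ACTIONS)
    if unknown:
        raise KeyError(f"roles missing from catalogue: {sorted(unknown)}")
    # Union of all actions granted by the given roles (empty set if no roles).
    held = set().union(*(ROLE_ACTIONS[r] for r in roles))
    found = {}
    for risk_id, actions in ruleset.items():
        if actions <= held:  # every conflicting action is held by this user
            found[risk_id] = sorted(r for r in roles if ROLE_ACTIONS[r] & actions)
    return found


def simulate(current_roles, requested_roles):
    """Analyze current plus requested roles; flag risks the request introduces."""
    current = set(current_roles)
    combined = current | set(requested_roles)
    report = {}
    for kind, ruleset in (("sod", SOD_RISKS), ("critical", CRITICAL_RISKS)):
        before = violations(current, ruleset)
        after = violations(combined, ruleset)
        report[kind] = {
            rid: {"roles": roles, "new": rid not in before}
            for rid, roles in after.items()
        }
    return report


if __name__ == "__main__":
    # Constructed request: an AP clerk asks for payment and user-admin roles.
    print(simulate({"AP_CLERK"}, {"AP_PAYMENTS", "USER_ADMIN"}))
```

Listing the contributing roles per risk shows an approver which requested role to remove, or which risk to mitigate, before rerunning the analysis.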