on 04-28-2010 2:15 PM
Hi All,
We have configured our CUP workflow to take a detour path if SOD violations are found at a stage. RAR has Critical actions defined in the rule set. When CUP performs the SOD analysis, is there any way we can skip critical action risks and consider only SOD risks?
We are on 5.3 SP 11.1.
Hi,
If the critical action is activated in the same rule set, then you have to define a mitigation control as well, because CUP is going to show these risks after a risk analysis and you have to mitigate them. There is no possibility to skip that.
Possible solutions:
If you want these risks (critical actions) just for reporting aspects in RAR, then you should maybe create a new ruleset just for these risks, and deactivate it, on the Global ruleset... I wouldn't recommend that, because, if you are going to define critical actions, you have to define mitigation control, from the security aspects as well.
Cheers,
Martin
Anand,
I totally agree with Martin. The easiest solution is to create a separate ruleset for Critical Action. That's what I have been doing at most of my clients. Also, I do not recommend applying mitigating controls to critical actions as it defeats the purpose of having critical actions in the ruleset.
Alpesh