cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Risk Terminator Configuration - AC10

Go to solution
leos
Active Participant

on ‎09-01-2014 10:04 AM

0 Kudos

G'Day Guys,

I've got few queries and am hoping someone out there can help me out with them please:

  • What is the default Ruleset used while checking Access Risk Violations when Risk Terminator is enabled? From what I can gather it is using the Global Ruleset. If that is the case, is it possible to assign another Ruleset (custom created) as a default one? I tried changing it in the config parameter: 1025, just to see if it will have any effect on RT, however it did not make any difference. It was still picking up the risks defined in the Global Ruleset.

  • Does this apply to mitigation controls as well, when you are given the option to mitigate the risks in RT considering the fact that you define a mitigation control against a Ruleset?

  • Finally, I've set parameter 1085 (Stop role generation if violations exist) as 'Yes' in both GRC and the Plugin system. However it is still letting me assign that role to the end user(su01) if I click on the 'Continue' button?

Any input on this would be very much appreciated.

Regards,

Leo..


P.S: I did search for this and most of them are related to 5.3.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alessandr0
Active Contributor
‎09-01-2014 10:26 AM
0 Kudos

Hi Leo,

what's your config parameter for 1083/1084? SU01/SU10 is triggerd with these configuration parameters. Not sure whether it stops you from assigning (never tested).

Regarding the rule set: what did you define in parameter 1002 in your plug-in system? Am not sure if the rule set defined in their is recognized for RT.

Mitigations are always per access risk id and hence it is different in each rule set.

Let me know.

Regards,

Alessandro

Show replies
Show replies
leos
Active Participant
‎09-01-2014 10:56 AM
0 Kudos

Hello Alessandro,

Thank you for your prompt reply.

what's your config parameter for 1083/1084? SU01/SU10 is triggerd with these configuration parameters. Not sure whether it stops you from assigning (never tested).

  • I'm only testing SU01 at the moment so it is set to 'yes' in both the systems. I was under the impression that the whole point of RT is to stop roles getting assigned if there is an Access Risk Violation? However this doesn't seem to be the case!

Regarding the rule set: what did you define in parameter 1002 in your plug-in system? Am not sure if the rule set defined in their is recognized for RT.

  • Ok that seemed to work! thank you. I got confused because in the GRC system the parameter is 1025, however in the plug-in system it is 1002. Nevertheless that seems to do the trick, so its all good.

Mitigations are always per access risk id and hence it is different in each rule set.

  • I'm aware of that but access risk ids's are linked to Rulesets and so if it isn't picking the one I'm after then the mitigation controls wouldn't show up either right?

Regards,

Leo..

alessandr0
Active Contributor
‎09-01-2014 12:47 PM
0 Kudos

Hi Leo,

that's correct. Did you think about having one rule set instead of multiples?

Regards,

Alessandro

leos
Active Participant
‎09-01-2014 3:17 PM
0 Kudos

Hi Alessandro,

Multiple rule sets are just for testing purposes only just to check the functionality of RT.

* I would like to point out that RT does not pick up actions that are defined in Access Risk as an SOD risk. So looks like we have to define them as 'Critical Actions'.

Cheers

Leo..

Answers (1)

Answers (1)

Former Member
‎01-12-2015 9:33 AM
0 Kudos

Hi,

I am looking for documentation to configure Risk Terminator in AC 10.0

Do you mind sharing with me the documentation you have, my e-mail is:


ilona.krawiec@quadrio.de


Thank YOU.

Regards,

Ilona

Show replies
Show replies
leos
Active Participant
‎01-31-2015 8:28 AM
0 Kudos

G'Day Ilona,

My apologies for the late reply. I am not really an expert on Risk Terminator and never really had to configure it. So I am afraid I cannot help you. I am sure if you look around you fill find what you looking for, if you haven't already done so.

Cheers

Leo..

Ask a Question