Skip to Content
Author's profile photo Former Member

GRC RAR 15.3,composite roles for different site give same role analysis risks except for one

Hi,

We have GRC RAR 15.3, We have defined composite roles for different sites.Let’s say A,B,C,D and E composite roles with different sites. A,B,C and D gives same high,medium and low risks for the role analysis, except E.Composite role E shows no risks at all.When i go for single role of composite role E then it gives high,medium and low risks. This is strange.

Thanks

Mash.

Assigned Tags

      4 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      Hey,

      It may be worth checking if your Object Repository sync jobs (User/Role/Profile etc) is running and up to date. Then try running the Risk Analysis again.

      Also ensure that you are running the same risk analysis report type i.e. either Action level or Permission level.

      Let us know if any of this makes a difference.

      Author's profile photo Former Member
      Former Member

      Hi Kaushal,

      We did incremental user/role/profile synch,batch user/role/profile and managment jobs on permission level.Still facing same issue.

      Thanks

      Mash

      Author's profile photo Former Member
      Former Member

      2 things come to mind

      1) Is there any strange authorization object restrictions within the single roles which create Composite E?

      2) Has Composite Role E had a Mitigating Control applied against it at Role Level?

      Author's profile photo Former Member
      Former Member

      1)Single role of E is a derived role like other single derived role of A,B,C and D composite roles.So, it has same authorization objects like other derived roles.

      2) No,these composite roles has no mitigation controls.

      Thanks

      Mash