Versions Compared

Old Version 1

changes.mady.by.user Dev Raj Gautam

Saved on

compared with

New Version 2

changes.mady.by.user Dev Raj Gautam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

View all Violations & Mitigations

EmpowerID keeps a record of all violations and their corresponding mitigation, including the current status, timestamp, and actors involved. This helps in accurately documenting and reporting any violations that occur. Users can use the search feature to find specific information and easily access detailed data about any discovered violations, mitigations, and associated risks for further analysis.

  1. Log in to EmpowerID with the necessary permissions.

  2. On the navbar, expand Compliance and click Violations.

  3. This will redirect you to a listing page where you can find information related to both Violations and Mitigations. To view all the information about violations in the system, click on the Violations tab. You can search for specific violations by typing text in the search textbox and clicking on the search button.

    image-20240129-050929.pngImage Added

    • Discovered: This is the date and time when the violation was discovered.

    • Mitigation Status: This refers to the current status of the mitigation. It could be mitigated, rejected, or still not mitigated.

    • Violation: Refers to the specific breach or non-compliance that is occurring, causing the need for mitigation measures.

    • Risk Violator: This pertains to the person who violated the rule. EmpowerID identifies the person violating the rule, regardless of how they received the violating functions. If numerous individuals belong to a role that has the function, EmpowerID will flag each person in the role as a violator to provide a complete picture of the magnitude of the risk. Risk owners can view the exact assignment point that caused the person to be in violation.

    • Risk: This refers to the potential risk that is associated with the breach or non-compliance with policies.

    • Risk Type: Type of the risk, e.g., Segregation Of Duties, Critical Access

    • Mitigator: The person who was responsible for mitigating the risk.

    • Mitigation Expires On: After this date, the mitigation will expire and will need to be re-mitigated.

  4. Similarly, to view the mitigations, click on the Mitigations tab and search for specific mitigations by typing text in the search textbox and clicking on the search button.

    image-20240129-051149.pngImage Added

    • Created Date: Date when mitigation is done.

    • Decision: Decesion about the risk violation if it was approved with mitigations or was rejected.

    • Risk Violator: The person who violated the risk by owning an unwanted resource.

    • Mitigator: The person who mitigated the risk by accepting it and applying mitigation controls.

    • Business Request Item: Information about the business request item that caused the violation.

    • Enabled: Check if the mitigation is still enabled.

    • Valid From and Valid: Identify the period during which the mitigation is valid before requiring re-mitigation.