
Responding to Risk Violation


Once EmpowerID's risk engine evaluates violations, approval requests are sent to the designated risk owner. By default, the risk owner can review detailed information about the request and its associated violations and decide whether to accept the request with mitigation or reject it. When a risk violation is identified, the risk owners review the risk and related information to decide whether to approve or reject the risk. If the owners choose to approve the risk, they can only do so by applying predefined mitigation controls already established within the system. By adhering to these mitigation controls, administrators can confidently approve risks, ensuring the access environment remains secure and compliant.

Automated Risk Violation Approval Tasks

EmpowerID has a feature that automatically creates a request for approval or rejection when a violation occurs, whether it is due to access being granted before the policy was established (Detective) or to a user attempting a high-risk access request while shopping in the IAM shop (Preventive). In both cases, the request is sent to the approver configured in the approval flow, who is, by default, the risk owner.

In a proactive scenario, if a risk owner approves a request for access that could potentially cause a violation, the user will receive the access they requested. However, a mitigation must be applied to approve it, and the mitigation will be valid until the end time specified by the approver is reached. On the other hand, if the request is rejected, the user will not be granted access, which could result in a violation. Regarding detection-based actions, the system keeps a historical record of any violations and the mitigations taken to address them.

There are slight differences in the user interface for approval between preventive and detective methods, which are discussed in their respective sections of this document.

Approval requests by the risk owner will only be sent if two conditions are met. Firstly, the approval flow policy must have the RequireRiskOwnerApproval step configured. Secondly, the Send Detected Violations for Approval setting in the risk must be set to true. If both conditions are satisfied, the approval process will begin with an automated business request being generated for approval. However, if the conditions are not configured properly, the violation will still be recorded in the system without undergoing approval. Administrators can manually initiate the submission of existing violations for approval if they choose not to automatically send detected violations for approval.

Detective Violations: Review and Approve Risks

Please follow the steps below to access your risk approval tasks through the My Tasks App interface.

  1. Login to EmpowerID with the necessary permissions.

  2. On the navbar, expand Business Request and Tasks and click My Tasks App. You will be redirected to the My Tasks Microservice.

  3. In the To-Do and Request View tabs, you will be able to list all the tasks assigned to you, including the Risk Mitigation Task.


  4. Click on the Name of the specific business request item that requires approval for risk violation.

  5. Upon opening the details view, you can access information about the resource and its assignee responsible for any violations in the TO DO tab.


  6. You can find additional violation information in the To-Do tab by clicking Show Details. If you want to view the details of a business request item, you can click on its Name, which will open the details view.


  7. After reviewing information about the risks and violations, the risk owners can decide whether to approve or reject them. To do this, find the To-Do tab and click the (blue star) or the Approve button to implement the mitigation control and grant approval. On the other hand, if you choose to reject, you can click the ❌ button.
    Click on Approve to proceed to the next step.


  8. When you click on Approve, a pop-up will appear. Please select the necessary mitigation controls and provide inputs for the end date and other values. Finally, click the tick (blue star) button to approve the violation.

    • Select Mitigation Control: Select a predefined mitigation control for approval.

    • End Date: End date of the approval, after which the violations have to be mitigated again.

    • Justification: Choose an explanation or justification for approving the risk violation.


Preventive Violations: Review and Approve Risks

  1. Login to EmpowerID with the necessary permissions.

  2. On the navbar, expand Business Request and Tasks and click My Tasks App. You will be redirected to the My Tasks Microservice.

  3. In the To-Do and Request View tabs, click on the Name of the specific business request item that requires approval for risk violation.


  4. Click on the Name of the specific business request item that requires approval for risk violation.

  5. Upon opening the details view, you can access information about the resource and its assignee responsible for any violations in the Risk Violations To Do tab. Additionally, the associated risk level is displayed at the top of the window, providing an idea of the risk associated with the request.


  6. To view more information about request violations, click on the Risk Violations tab. In this section, you will find the violated risks, their level, and classification. For more information about each violation, click More Details to view the risk function and business request details.


  7. After reviewing information about the risks and violations, the risk owners can decide whether to approve or reject them. To do this, find the Risk Violations To-Do tab and click the Approve button to implement the mitigation control and grant approval. On the other hand, if you choose to reject, you can click on the Reject button. Click on Approve to proceed to the next step.




  8. When you click on Approve, a pop-up will appear. Please select the necessary mitigation controls and provide inputs for the end date and other values. Finally, click the tick (blue star) button to approve the violation.



After implementing the necessary risk mitigation controls, if an individual violates the same risk policy again, no approval tasks or violations will be generated until the mitigation control end date is reached.

Send Existing Violations for Approval

EmpowerID has a feature that automatically generates business requests for risk violations detected in the system. However, if you've chosen not to send these requests by default by disabling the Send Detected Violations for Approval setting in the local risk, or if you had previously turned off the Generate Business Requests feature and want to enable it again, you'll need to follow the steps below to ensure that existing violations are sent for approval.

  1. Log in to EmpowerID with the necessary permissions.

  2. On the navbar, expand Compliance and click Risk Management.

  3. Click on the Local Risks tab to list all the local risks to manage.


  4. If you want to search for a specific local risk, type your text in the search box and click the Search button.


  5. Submit existing violations for approval by clicking the Send Existing for Approval button. Business requests will be generated and routed by default to the risk owners for approval.

Once risk approval tasks are generated, risk owners are notified to view, approve, or reject those tasks.
