Local risks are children of global risks and represent potentially risky actions that users can do within an application or IT system. You add local risks to global risks to logically link the generic actions that users can do in applications to the actual entities, systems, and locations where they can do them. In this model, “Create Azure Groups in Tenant X” could be a local risk belonging to the “Create Azure Groups” global risk. When the risk engine compiles a local risk, it returns all users having the risk functions as violations.
This article demonstrates how to create a local risk by adding a local risk to the Create Azure Groups global risk created in the Create Global Risks topic.
How to create local risks
On the navbar, expand Compliance and click Risk Management.
On the Risk Management page, select the Global Risks tab and then search for the global risk to which you want to add a local risk.
Click the Name link for the global risk.
On the Global Risk Details page, select the Mappings tab, expand the Local Risks accordion, and then click the Add Local Risk button.
Enter the following information for the local risk:
Name — Enter a name for the local risk that represents the risk in your business process language, such as Create Azure Groups in Austria
Display Name — Enter a display name for the risk. Display names are friendly names that appear in the user interface
Description — Enter a description for the local risk
Location — Click the Select a Location link and then search for and select a creation location for the risk
Enabled — Select whether to enable to policy for compilation
Violation # Limit — Specify the the maximum number of violations that can occur
Locale Key (Unique Name) — Optionally, enter a locale key to create a localized entry for the risk
Locale Key for Description — Optionally, if you are creating a localized entry for the risk enter a description for the locale key