You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Create Global Risks

Global risks represent actions that users can do in one or more applications that an organization considers to be potentially risky.  As such, global risks map to the global functions defining the specific rights and roles that grant users the ability to perform those actions. A simple example of a global risk would be a risk named “Create Azure Groups” that is mapped to a global function named “Create Azure Groups.” When the risk engine compiles a global risk, it returns all users having the risk functions.

How to create a global risk

  1. On the navbar, expand Compliance and click Risk Management.

  2. On the Risk Management page, select the Global Risks tab and then click the Add button.

     

  3. Enter the following information in the dialog that appears:

    • Name – Enter a name for the risk that matches the global function to which the risk applies. For example, if you have a function named Create Azure Groups and you are creating a global risk for that global function, a best practice would be to name the risk Create Azure Groups.

    • Display Name – Enter a display name for the risk. Display names are friendly names that appear in the user interface

    • Description – Enter a description for the risk

    • Risk Type – Select the type that best represents the category for the risk

      • Critical Access

      • Segregation of Duties

      • Sensitive Access

    • Risk Level – Select the level of risk

      • Critical

      • High

      • Medium

      • Low

    • Risk Resource Set – Select the resource set to which the risk is to be associated with, such as Azure or EmpowerID

    • Location – Click the Select a Location link and then search for and select a creation location for the risk

    • Enabled – Select whether to enable to policy for compilation

    • Violation # Limit – Specify the maximum number of violations that can occur

    • Locale Key (Unique Name) – Optionally, enter a locale key to create a localized entry for the risk

    • Locale Key for Description – Optionally, if you are creating a localized entry for the risk enter a description for the locale key

    • Is Shipping Data – For internal use only; selecting this option has no effect on your environment

  4. Click Save to create the global risk.


After creating a Global Risk, the next step is to add Risk rules to it. See Add Risk Rules to Global Risks for the details.