How to: Evaluate Findings
After an initial analysis you will find the results with status To be reviewed or Agree or Disagreed. Agreed means that based on the setup the result has no risk. If you have a lot of analysis results, it is an option to first set up ‘Default Evaluation for Accepted Finding’ in a Standard Competence. After a new analyze more results will have the status Agreed and less To be reviewed.
You can evaluate the findings for Critical Permissions. Departments – Compliance – Security – Authorization Monitoring. Then click on ‘Analysis Permissions’ under tasks. You are able to add your review by clicking in the Evaluation Column.
You have the following choices for the evaluation:
- To be Reviewed
- Agreed
- Disagreed
- Actual Permissions Changed
- Standard Changed
- Actual Permissions and Standard Changed.
Depending on the changes you have made, these evaluations can automatically come out of the analysis.
You have now evaluated permissions. If you want to filter specifically on an Evaluation, you can use the filters below:
If something has changed in the permissions, authorizations or standards, click on the button from the example below at the top of the screen to create a change log overview:
The review of the Conflicting Critical Permissions can be done in the same way as for Critical Permissions. You can evaluate the findings for Conflicts. Departments – Compliance – Security – Authorization Monitoring. Then click on ‘Analysis Conflicts’ under tasks. You are also able to add your review by clicking in the Evaluation Column.