21.3 Configuring Risk Scores

You can customize the way Identity Governance summarizes the risk in your environment, either through manual or calculated risk scores. Governance risk score measures risk across your entire system, application risk score measures risk for each application, and user risk score measures the risk for each user. You can assign risk scores manually by editing values in the catalog, either individually or through bulk data updates. If you edit extended attribute risk values that had been collected, Identity Governance uses the edited values for extended attributes for risk calculation instead of the collected values. For more information, see Section 12.3, Editing Attribute Values of Objects in the Catalog.

To have Identity Governance calculate risk scores for your environment, you select which factors contribute to risk calculation, configure how much weight each risk factor carries in calculations, and then direct Identity Governance to start the calculation process by clicking Calculate. Some risk factors that you can select, such as Certification policies, require that you actually have the factor configured for your environment to have Identity Governance use that factor in the risk score calculation. For more information, see Creating and Editing Certification Policies.

To configure risk scoring:

  1. Log in as a Customer, Global, or Data Administrator.

  2. Under Policy, select Risk.

  3. Click the gear icon on a risk score badge to customize it.

  4. For the governance risk score, you must assign weights and risk factor ranges to enable Identity Governance to calculate risk.

    NOTE:The governance risk score depends on application and user risk scores.

  5. For applications and users, in Risk scoring, select Calculated to show the risk factors and weights.

    NOTE:The application risk score depends on user risk score.

  6. For each risk factor that you want to use, specify the weight for that risk factor and customize the range values you want to use. When setting a range, any value below the low range will have zero risk set. Any value above the high range will have the maximum risk value set. For more information, see Risk Factors.

  7. Continue assigning weight values to risk factors until your risk factor weights add up to your desired amount.

  8. Select Save and then select Calculate.

    Identity Governance shows status when calculation is in progress and completed.

  9. View calculated risk scores in the appropriate catalog section, such as users or applications, or on the Governance Overview dashboard for the Governance risk score. In the catalog, individual items have a Risk Factors tab, if applicable, that shows the calculated risk score details, such as risk score, last calculated date, and risk factors used in the calculation.