Version: On prem: 15.0.3

Risk

The Risk Concept functionality enables the calculation of Risk scores for resources and identities based on how data is classified. A Risk score expresses how risky a given resource or identity is from a security perspective. It is expressed as a number.

On the basis of a calculated Risk score, Omada Identity also derives a more intuitive Risk level for identities and resources. By default, a Risk level can be either Low, Medium, or High.

Risk score

A Risk score expresses how risky a given resource or identity is from a security perspective. It is expressed as a number. Based on this score, it is possible to verify the risk level of the staff who have access to these resources. Including risk in processes such as access request approvals and recertifications enables safer decision-making. Risk score information is also visible in selected reports.

Risk scores and risk levels can be inspected in the following places in the Omada Identity portal:

  • Resource form - in the Advanced section, the calculated Risk score and Risk level are displayed.
  • Identities view - in the Risk level column of the view.
  • Identity form - in the Identity details section, the calculated Risk level is displayed.
  • Access request approval surveys - Risk level information is available in the Identity and Resource pop-up forms. It is also possible to add Resource and Identity Risk level columns to the survey tasks. You can publish the survey template AccessRequestApprovalSurveyWithRisk.xml and update the approval process to use this survey via the Survey approval process template customer setting. The approver can use the information when deciding whether to approve or reject a requested resource.
  • Access review surveys - Risk level information is available in the Identity and Resource pop-up forms. The goal is to assist the approver in deciding whether to approve or reject a request.

RoPE configuration

The calculation of risk scores and risk thresholds takes place in a RoPE extension named RiskScoreCalculator2. For more information, refer to the Role and Policy Engine guide.

Affected reports

The following reports include Risk score information:

  • Identity Details report (WID002)
  • Identity Change Log report (WID003)
  • Resource Details report (WRE002)