Risk factors configuration

The Risk Factors page allows administrators to configure and manage the IAM risk assessment factors used to compute user entitlement risk scores. This is useful when configuring risk-driven access certification. Access it in the Webconsole at Administration > Risk Factors Configuration.

The page displays a summary panel and a grid of configurable risk factor cards. Each factor contributes to an overall risk score that helps identify users with potentially excessive or under-reviewed access.

The top panel shows:

  • Total Factors - count of enabled factors.
  • Pie Chart - distribution of factors across High / Medium / Low impact levels.
  • Overall Risk - the average weight of all enabled factors, classified as High, Medium, or Low.

Impact levels

Impact levels are used to classify how critical an entitlement, role, or access decision is if it is incorrectly granted or retained. They help prioritize reviewer attention during certification campaigns by highlighting which access items pose higher potential risk to the organization. Impact levels are derived from a factor's weight:

| Level  | Weight Range | Color  |
|--------|--------------|--------|
| High   | ≥ 0.7        | Red    |
| Medium | 0.4 - 0.7    | Orange |
| Low    | < 0.4        | Green  |

Risk factors

Risk factors are used together with impact levels. They are the individual attributes, signals, or conditions used to calculate the overall risk score of a user's access. They provide the "why" behind an impact level and are combined to determine whether an entitlement should be considered low, medium, or high risk during certification. There are five available factors.

| Factor                  | Description |
|-------------------------|-------------|
| ENTITLEMENT_SENSITIVITY | Measures the sensitivity level of entitlements assigned to a user. Higher sensitivity entitlements (e.g. admin access, financial systems) contribute more to the overall risk score. |
| ENTITLEMENT_ORIGIN      | Evaluates how entitlements were granted. Directly assigned entitlements may carry different risk than those inherited through roles or groups. |
| ENTITLEMENT_LIFETIME    | Assesses the duration an entitlement has been held. Long-standing entitlements that have not been reviewed may indicate elevated risk. |
| APPROVAL_PATH           | Analyzes the approval workflow used to grant access. Entitlements granted without proper approval or via expedited paths carry higher risk. |
| UAR_AWARENESS           | Tracks whether entitlements have been reviewed in User Access Reviews. Entitlements that have not been recently certified carry higher risk. |

Configuring a risk factor

Each risk factor card exposes the following settings.

  • Enabled. A toggle switch that enables or disables the factor. Disabled factors are excluded from the overall risk score calculation and appear dimmed in the UI.
  • Risk Weight. A slider from 0.0 to 1.0 (step 0.1) that controls how much this factor contributes to the risk score. The current impact level chip (High / Medium / Low) updates in real time as the slider moves.
  • Custom Parameters (JSON). An expandable section where you can provide factor-specific configuration as a JSON object. The JSON must deserialize to a valid RiskFactorCustomParams structure; the backend rejects malformed or unknown fields.
  • Audit Trail. Each card displays:
    • Updated At - timestamp of the last modification.
    • Updated By - display name of the user who last saved the factor.

All save operations are audit-logged under the SAVE_RISK_SCORE_FACTOR action.
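The following is an added worked example, not the product's own code, showing how the pieces described on this page fit together: the impact level derived from a factor's weight (thresholds from the Impact levels table), the summary panel values (Total Factors, High / Medium / Low distribution, Overall Risk as the average weight of enabled factors), and the strict handling of Custom Parameters JSON. The factor names are the five listed above; the set of accepted custom-parameter keys (`threshold_days`, `sensitive_tags`) is an assumption made for illustration, since the real `RiskFactorCustomParams` structure is not documented here, and the sample factor settings are constructed.

```python
"""Worked example (added here, not the product's code) of risk factor scoring.
Thresholds follow the page's impact table; the custom-parameter key set is an
assumption for illustration only."""
import json
from dataclasses import dataclass, field
from statistics import mean

# The five factors documented on the page.
FACTOR_NAMES = (
    "ENTITLEMENT_SENSITIVITY", "ENTITLEMENT_ORIGIN", "ENTITLEMENT_LIFETIME",
    "APPROVAL_PATH", "UAR_AWARENESS",
)

# ASSUMPTION: hypothetical keys accepted in Custom Parameters JSON. The real
# RiskFactorCustomParams structure is not described on the page.
ALLOWED_CUSTOM_KEYS = {"threshold_days", "sensitive_tags"}


def impact_level(weight: float) -> str:
    """Classify a weight using the Impact levels table (High >= 0.7, Medium >= 0.4)."""
    if not 0.0 <= weight <= 1.0:
        raise ValueError(f"weight must be within 0.0-1.0, got {weight}")
    if weight >= 0.7:
        return "High"
    if weight >= 0.4:
        return "Medium"
    return "Low"


def parse_custom_params(raw: str) -> dict:
    """Strict loader: reject malformed JSON, non-objects and unknown fields,
    mirroring the page's statement that the backend rejects both."""
    try:
        params = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"malformed custom parameters JSON: {exc}") from None
    if not isinstance(params, dict):
        raise ValueError("custom parameters must be a JSON object")
    unknown = set(params) - ALLOWED_CUSTOM_KEYS
    if unknown:
        raise ValueError(f"unknown custom parameter fields: {sorted(unknown)}")
    return params


def is_valid_custom_params(raw: str) -> bool:
    """Convenience wrapper: True if parse_custom_params accepts the input."""
    try:
        parse_custom_params(raw)
        return True
    except ValueError:
        return False


@dataclass
class RiskFactor:
    name: str
    enabled: bool = True
    weight: float = 0.5
    custom_params: dict = field(default_factory=dict)

    def __post_init__(self) -> None:
        if self.name not in FACTOR_NAMES:
            raise ValueError(f"unknown risk factor {self.name!r}")
        self.weight = round(self.weight, 1)  # the UI slider moves in 0.1 steps
        impact_level(self.weight)  # range check; raises on out-of-range weights


def summary_panel(factors: list) -> dict:
    """Compute the top-panel values. Disabled factors are excluded entirely.
    ASSUMPTION: with no enabled factors, Overall Risk is reported as None."""
    enabled = [f for f in factors if f.enabled]
    distribution = {"High": 0, "Medium": 0, "Low": 0}
    for f in enabled:
        distribution[impact_level(f.weight)] += 1
    avg = mean(f.weight for f in enabled) if enabled else 0.0
    return {
        "total_factors": len(enabled),
        "distribution": distribution,
        "average_weight": round(avg, 2),
        "overall_risk": impact_level(avg) if enabled else None,
    }


# Constructed sample configuration: four enabled factors, one disabled.
SAMPLE_FACTORS = [
    RiskFactor("ENTITLEMENT_SENSITIVITY", weight=0.9,
               custom_params=parse_custom_params('{"sensitive_tags": ["admin"]}')),
    RiskFactor("ENTITLEMENT_ORIGIN", weight=0.5),
    RiskFactor("ENTITLEMENT_LIFETIME", weight=0.7,
               custom_params=parse_custom_params('{"threshold_days": 365}')),
    RiskFactor("APPROVAL_PATH", weight=0.3),
    RiskFactor("UAR_AWARENESS", enabled=False, weight=0.8),
]

if __name__ == "__main__":
    print(json.dumps(summary_panel(SAMPLE_FACTORS), indent=2))
```

With the constructed sample, the disabled UAR_AWARENESS factor is ignored, the four enabled weights (0.9, 0.5, 0.7, 0.3) give a distribution of two High, one Medium and one Low, and their average of 0.6 classifies the Overall Risk as Medium. Note that a weight of exactly 0.7 is treated as High here, which is one reading of the page's "0.4 - 0.7" Medium range; check the product's actual boundary handling before relying on it.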