Dear all.
We are facing an error that maybe you could give me some ligth. We perform every day a Segregation of Duties Review for all users. So we establish the job criteria as follow:
- System: The ECC of our customer
- We also set the field Ignore Mitigation to YES (we don't want to report those users with some mitigation control assigned).
- The job is triggered for all the users.
So after the job is running the SOD requests reach the inbox and we have seen that many users are not being analyzing by the SOD review and we are not able to identify which kind of user is being avoided by this analysis. We have verified some attributes of the users and all of them:
- Are A (dialog) users
- Are not blocked
- The roles assignment of the users are not expired
And what is more if we trigger the same job with the same criteria but instead for all user, for a specific user (those ones who were not analyzed before) then the user appears with risk.
Has someone faced this behavior?
Regards.