Identity Risk Score Configuration
IdentityIQ uses a combination of base access risk and a compensated scoring method to determine the overall Identity Risk Scores, or Composite Risk Scores, used throughout the product. You configure Baseline Access and Composite risk scoring for identities by navigating to Identities > Identity Risk Model.
Base access risk is a measure of inherent user access risk. Base risk scores are set on each role, entitlement, and policy defined. This type of score ranges from 0 (lowest risk) to 1000 (highest risk). The account weight assigned to any additional entitlements that are assigned to an identity also has an impact on base risk scores. Account weights are factored into the entitlement baseline access risk scores.
IdentityIQ applies a series of compensating factors to each base risk score to calculate compensated scores. These compensated scores are then weighted using a maximum contribution percentage and combined to form an overall Composite Risk Score for each user.
The compensating factors and weighted values enable IdentityIQ to accurately identify high-risk users based on more than just the roles they are assigned within your enterprise.
For example, a user assigned only low risk roles might be considered high risk if they have never been included in a certification process or the roles they do have are in violation of separation of duty policies.
Scoring Definitions
There are a number of scores, or types of scores, that contribute to the overall Identity Risk Score, or Composite Risk for each IdentityIQ user. The basic scores that are used to determine the overall score are:
| Score | Definition |
|---|---|
| Base Risk Score | The score assigned to each role, entitlement, or policy violation. |
| Total Base Risk Score | The total score of all base risk scores of the same component type on a per user basis. For example, add the base risk scores for all roles assigned to a specific user together to determine the role total base risk score. |
| Compensated Risk Score | The value of the base risk score for a component multiplied by the compensating factor for that component type. |
| Total Compensated Risk Score | The Total Base Risk Score for a specific component type multiplied by the Compensated Risk Score for that component type. |
| Composite Risk Score or Identity Risk Score | The overall risk score for a user after the composite weighting, or maximum contribution to total score factor, is applied to the total compensated risk scores for each component. The time since the last certification was performed on the user is also figured into this score with the total compensated scores for role, entitlement, and policy violation. |
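The scoring chain described above, as an added example that is not IdentityIQ's own code or its exact algorithm: a simplified Python model in which each base score is multiplied by its component's compensating factor, the per-component totals are weighted by a maximum contribution percentage, and the results are combined. The factor and percentage values, the cap on totals, the linear certification-age ramp, and both identities are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

MAX_SCORE = 1000  # page: base risk scores range from 0 to 1000

# Constructed values for illustration; not IdentityIQ defaults.
COMPENSATING_FACTOR = {"role": 0.8, "entitlement": 1.0, "policy_violation": 1.0}
MAX_CONTRIBUTION = {"role": 0.25, "entitlement": 0.25,
                    "policy_violation": 0.30, "certification_age": 0.20}
CERT_STALE_DAYS = 365  # assumption: age score reaches MAX_SCORE after a year


@dataclass
class Identity:
    name: str
    # component type -> base risk scores of the items the identity holds
    base_scores: dict = field(default_factory=dict)
    days_since_certification: Optional[int] = None  # None = never certified


def total_compensated(identity, component):
    """Sum of base score x compensating factor (assumed cap at MAX_SCORE)."""
    factor = COMPENSATING_FACTOR[component]
    total = sum(s * factor for s in identity.base_scores.get(component, []))
    return min(total, MAX_SCORE)


def certification_age_score(identity):
    """Assumed linear ramp; an identity never certified gets MAX_SCORE."""
    days = identity.days_since_certification
    if days is None:
        return MAX_SCORE
    return min(MAX_SCORE, MAX_SCORE * days / CERT_STALE_DAYS)


def composite_risk_score(identity):
    """Weight each component by its maximum contribution and combine."""
    score = sum(MAX_CONTRIBUTION[c] * total_compensated(identity, c)
                for c in COMPENSATING_FACTOR)
    score += MAX_CONTRIBUTION["certification_age"] * certification_age_score(identity)
    return round(score)


# Constructed identities: a high-risk role certified 30 days ago, versus
# low-risk roles with a policy violation and no certification history.
admin = Identity("admin", {"role": [900]}, days_since_certification=30)
clerk = Identity("clerk", {"role": [100, 150], "policy_violation": [700]})
for ident in (admin, clerk):
    print(ident.name, composite_risk_score(ident))
```

In this model the identity holding only low-risk roles ends up with the higher composite score, because the policy violation and the missing certification outweigh the role component.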
Use the sliding bars, or manually enter a value, to define scoring on each panel.
Use the following tabs to create risk score factors for your enterprise:
- Identity Baseline Access Risk Tab – apply base risk scores to roles, entitlements and policy violations.
- Identity Composite Scoring Tab – apply compensating factors to base risk scores.