Creating a risk profile
Risk profiles contain your risk configuration settings for defining the weightage values for factors of various risk vectors such as threats, resistance (vulnerability and enforcement risks), and asset criticality. Create a profile and assign a weight for various risk factors to compute risk score of an asset according to the risk tolerance of your organization.
Before you begin
In the basic version of Risk Manager, the risk engine uses the system-defined risk profile that contains the default risk configuration settings to calculate the risk score. You must have access to Risk Manager Advanced to create and configure a risk profile for assigning appropriate weight for various risk factors.
About this task
Risk Manager provides a system-defined profile with default risk configuration settings to compute the risk score of an asset. The risk engine uses the configuration settings of the active profile to compute the risk score. By default, the system-defined risk profile is active. You cannot modify the configuration values of the system-defined risk profile, but you can clone the settings to change the configuration values according to your needs. You can delete only the user-defined profile that is not active.
The risk engine runs based on the set frequency to calculate the risk score of an asset according to the defined configuration. You can also manually run the risk engine if you need to immediately view risk score for the updated configuration. To manually run the risk engine, click the Run risk engine option on the Risk Manager dashboard page. The risk engine runs automatically if you update an active risk profile and also when you make a different profile as active.
When you upgrade Risk Manager from earlier version to the current version, only the system-defined risk profile is applicable by default. The user-defined risk profiles from the earlier version are not migrated.
To set a schedule to run the risk engine, see Scheduling tasks.