GRC Tasks dont show the Risk Assessment for Business User Lite or other GRC Roles

Henrik Alt · Monday

Hello All,

im facing an issue as in the GRC Tasks i only see the Risk Assessments when i have an admin user, for everyone else this is just hidden eventhough those users have a risk assessment assigned.

We have several instances but ever since our production was upgraded i do not see them anymore, i crawled through the UI Builder but i didnt see anything that could cause this, do any of you have an idea about that? thanks in advance!

sarah_bioni · Monday

Hi @Henrik Alt ,

Are you able to see the Risk workspace without the admin role, but with any of the following roles assigned to your user?

Was there any custom ACL created on the Instance Assessment table (asmt_assessment_instance)? Could you check the most recently updated ones?

Regards,

Sarah Bioni

Henrik Alt · Monday

Hi @sarah_bioni ,

yes the affected user has all three roles and also has access to the table in question, also it doesnt look like there are any custom acls

sarah_bioni · Tuesday

Hi @Henrik Alt ,

Looking at the ACLs on the sn_risk_advanced_risk_assessment_instance table, there are 3 ACL rules controlling read access:

2 x Deny Unless — Both are tied to Entity-Based Access logic. It is worth reviewing your Entity-Based Access configuration, as one or both of these rules may be blocking your non-admin users from seeing their assigned Risk Assessments.
1 x Allow If — This ACL requires the sn_risk_advanced.ara_reader role. Please confirm that your affected users have this role explicitly assigned.

Regards,

Sarah Bioni

Henrik Alt · Tuesday

Hi @sarah_bioni,

first of all thanks for the continued support,

Entity based access is not installed and the user has the desired role, the interesting part is that when that user is supposed to approve a risk assessment it is shown in the grc tasks but when trying to take it it is not.

Best regards,

Henrik