If I implement CAM, do I need to implement an entity?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-31-2023 12:24 AM - edited ‎07-31-2023 01:38 AM
When implementing CAM(continuous authorization monitoring), can an authorization boundary take the place of an entity?
If I implement CAM, do I need to implement an entity?
It seems that the contents of the system registered with authorization boundry are automatically tied to the control as entities, but is it necessary to set the entity type or entity class?
Also, why does CAM define the system to be audited in the form of an authorization package instead of registering entities first like other GRC applications?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-31-2023 06:21 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-31-2023 07:16 PM
Thank you for your reply. Can I ask something else?
Is it possible to register pre-created entities in authorization boundry?
We are aware that the information registered in the authorization boundry of continuous authorization monitoring (CAM) is automatically bound as an entity of the control.
However, is it possible to register an existing entity to the authorization boundry, rather than creating an authorization boundry and then generating it as an entity as well?
The reason I want to do this is because I want to pre-register the risk in the entity and reference the risk during the CAM select process.
If you know how to do this, please let me know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-31-2023 05:14 PM
Can you also answer the following questions?
It seems that the contents of the system registered with authorization boundry are automatically tied to the control as entities, but is it necessary to set the entity type or entity class?
Also, why does CAM define the system to be audited in the form of an authorization package instead of registering entities first like other GRC applications?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-31-2023 07:14 PM
Is it possible to register pre-created entities in authorization boundry?
We are aware that the information registered in the authorization boundry of continuous authorization monitoring (CAM) is automatically bound as an entity of the control.
However, is it possible to register an existing entity to the authorization boundry, rather than creating an authorization boundry and then generating it as an entity as well?
The reason I want to do this is because I want to pre-register the risk in the entity and reference the risk during the CAM select process.
If you know how to do this, please let me know.