Risk Factors Explained
Overview
Risk factors are the signals that contribute to a user’s risk score or suspicious status.
What this feature does
They explain why a user appears risky, such as failed login attempts, new country login, unusual activity time, sensitive updates, or repeated destructive actions.
Why it is useful
- It helps administrators understand the reason behind a risk score.
- It prevents overreaction to a single number.
- It supports consistent investigation decisions.
Who should read this?
RISE Admin, Security Officer, System Owner.
Where to find it
Rise Audit Pro → User Risk Scores and Security Dashboard.
How to use it
- Open User Risk Scores.
- Select or review a user with a risk score.
- Read the listed risk factors.
- Open related logs for evidence.
- Decide whether the behavior is expected or suspicious.
Example workflow
A user is marked medium risk because of failed login attempts and after-hours access. The admin checks whether the user was working late or whether the account needs review.
Screenshot
Screenshot required
Capture from: Rise Audit Pro → User Risk Scores → Risk factor details
Capture from: Rise Audit Pro → User Risk Scores → Risk factor details
Common mistakes
- Judging users by score alone.
- Ignoring low-risk repeated patterns.
- Not documenting why a risk was accepted or escalated.
Related articles
- User Risk Scores
- Suspicious Users
- Investigating Suspicious Login Activity
