IBM Security SOAR

 View Only
Expand all | Collapse all

How to view the "Regulatory" rule

  • 1.  How to view the "Regulatory" rule

    Posted Thu November 11, 2021 02:04 PM
    Hi all,

    We have this task that keeps being added when we create a new incident: "Investigate Exposure of Personal Information/Data".
    In the "Phases and tasks", we can see that the associated rule is called "Regulatory".  This looks like a kind of system rule because we can not see it in the Rules menu.
    We could disable the task but we would rather understand what the whole rule is all about.
    And this "Regulatory" rule is associated with all the regulatory tasks so it would be nice to understand it a little better.

    Thanks

    ------------------------------
    Pierre Dufresne
    ------------------------------


  • 2.  RE: How to view the "Regulatory" rule

    Posted Fri November 12, 2021 11:12 AM
    Hi Pierre,
    This is a Privacy task that is added using the Privacy engine, there is a technote which tells you how to disable it:
    https://www.ibm.com/support/pages/how-disable-investigate-exposure-personal-information-data-task

    Either you can set the field  Was personal information or personal data involved?  to No,
    or under the Breach tab in Customization Settings, disable "data breach best practices" to avoid generating the task for all incidents.
    I hope this helps.

    ------------------------------
    Elizabeth Hecht
    ------------------------------