After upgrading Information Centric Analytics (ICA) to version 6.6, all user risk scores greater than 0 are assigned a Critical risk label.

Only user risk scores are affected (Application, Computer Endpoint, IP, and Person risk scores are unaffected), and this is only occurs in environments in which a previous version of ICA was upgraded to version 6.6.

Product Release: 6.6

Component: Risk Scores

The following general portal settings are not updated during installation and retain the previous default value of '0':

• Literal threshold (inclusive) for Critical risk ratings
• Literal threshold (inclusive) for High risk ratings
• Literal threshold (inclusive) for Medium risk ratings

To correct this condition, follow this procedure:

1. Open the ICA console
2. Navigate to Admin > Settings > General > User Risk Scoring
3. Set these settings as follows:
   1. Literal threshold (inclusive) for Critical risk ratings = 98.0
   2. Literal threshold (inclusive) for High risk ratings = 90.0
   3. Literal threshold (inclusive) for Medium risk ratings = 50.0
4. Click the Save Settings button
5. Run the RiskFabric Processing job
   1. If you wish to run the job outside its schedule, do the following:
      1. Open SQL Server Management Studio (SSMS)
      2. Connect to the Database Engine hosting the RiskFabric database
      3. In Object Explorer, navigate to SQL Server Agent > Jobs
      4. Right-click the job RiskFabric Processing and select Start Job at Step...
      5. Click the Start button to run the job beginning with step 1