The following is an overview of the operational Risk workflow:
For more information, see...
Create Operational Risk Policy
An additional Policy type was added to support Operational Risk rules. The rules are based on the risk types determined by Xray. Violations are generated based on the rule criteria you select.
Attach Policy to Watch
Attach the Operational Risk Policy to a Watch or Watches to apply it on your resources.
View Operational Risk Data
View Operational Risk Data for your components in the Xray Data tab in Artifactory.
View Operational Risk violations that were generated based on the Policy rules you set.
Take note that Xray does not perform impact analysis for operational risk updates. The Operational Risk tab will always be updated. The Violations data is updated up to the latest scan (or the latest package download).