Action Level vs Permission Level
The main difference Action level and Permission level levels are following:
- The Action level can only compare at the transaction level. Therefore running at this level may cause false positives as it checks transaction level only.
- The Permission level filters the result further than transaction level based on the authorization objects set up in the rules.
- Running at permission level just in order to filter the conflicts depending upon authorization object setting users is having in the rules. If the authorization objects is missing in the rules than the same action risk will show at permission level.
- The user will never get any conflict that will have a permission level risk but not a corresponding action level risk.
- There is some risk which will only show up at action level but not at permission level the user doesn't have all the required authorization objects.