I have created a group for PCI related incidents handling and assigned a local user to that group. Gave necessary incident handling permissions to the group and assigned incident permissions to the user. But the incidents generated upon the violation of the policy are not automatically assigned to the desired group/user.
Pl suggest as what is the issue and how it can be fixed??
Should not this be in Data loss prevention?
moved there if you want it elsewhere post back