Refer to SAS AML8.3, the system is only allow the user to perform any actions on the most recent snapshots (SFEs) for the suspicious activity that has been discovered. This is not allowed the user to add/edit the information of the previous alert. This affects the work process of user in case if the user record the wrong investigation or need to re-investigated the information in the previous alert.
So, the expectation from the customer is, when the new Alert is generated, the user should be able to ‘Edit’ some information in ‘the previous Alert’ such as.. ‘Rate productivity’ to put the comment (in Fired Event Level) for that alert.
... View more