---
title: Adding a risk policy
description: Add a new risk policy in the PingAccess administrative console.
component: pingaccess
version: 7.2
page_id: pingaccess:pingaccess_user_interface_reference_guide:pa_72_adding_a_risk_policy
canonical_url: https://docs.pingidentity.com/pingaccess/7.2/pingaccess_user_interface_reference_guide/pa_72_adding_a_risk_policy.html
revdate: September 6, 2023
section_ids:
  before-you-begin: Before you begin
  about-this-task: About this task
  steps: Steps
  next-steps: Next steps
---

# Adding a risk policy

Add a new risk policy in the PingAccess administrative console.

## Before you begin

Make sure that:

* You have set up a PingOne connection in PingAccess.

* You have your PingOne credential easily accessible to copy and paste.

Learn more in [Adding a PingOne connection](pa_72_adding_a_p1_connection.html).

## About this task

To add a risk policy:

## Steps

1. In the PingAccess administrative console, go to **Access > Risk Policies** and click **+ Add Risk Policy**.

2. Complete the fields.

   Learn more in [Risk policy field descriptions](pa_72_risk_policy_field_descriptions.html).

   |   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
   | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
   |   | You can only configure a PingOne risk policy in PingOne Protect.PingAccess doesn't currently support device profiling, so **New Device** and other device-related PingOne predictor types shouldn't be included in a PingOne risk policy that you intend to use with PingAccess. Some of these device-related predictor types are included in the default PingOne risk policy. Make sure to remove the following predictor types from your configuration or adjust the weights or scores associated with them:- Anonymous network detection

   - Geovelocity anomaly

   - IP reputation

   - IP velocity

   - New device

   - User location anomalyYou can find more information in [Risk policies](https://docs.pingidentity.com/pingone/threat_protection_using_pingone_protect/p1_protect_risk_policies.html) in the PingOne documentation. |

3. Click **Save**.

## Next steps

After you've created a PingAccess risk policy, you can assign it to a specific application or resource. Learn more in [Application field descriptions](pa_application_field_descriptions.html) or [Adding application resources](pa_adding_application_resources.html).