From 0b13c7fbe83079ab66488479a63c6441b626b5af Mon Sep 17 00:00:00 2001
From: natasha-moore-elastic <natasha.moore@elastic.co>
Date: Thu, 27 Mar 2025 10:16:16 +0000
Subject: [PATCH] Updates risk scoring requirements

---
 docs/advanced-entity-analytics/ers-req.asciidoc | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/docs/advanced-entity-analytics/ers-req.asciidoc b/docs/advanced-entity-analytics/ers-req.asciidoc
index 7d17030596..530eaa2fbb 100644
--- a/docs/advanced-entity-analytics/ers-req.asciidoc
+++ b/docs/advanced-entity-analytics/ers-req.asciidoc
@@ -11,21 +11,33 @@ This page covers the requirements and guidelines for using the entity risk scori
 [discrete]
 === Privileges
 
-To turn on the risk scoring engine, you need the following privileges:
+To install or run the risk scoring engine, you need the following privileges:
 
 [discrete]
 [width="100%",options="header"]
 |==============================================
 
-| Cluster      | Index | {kib} 
+| Action | Cluster privileges | Index privileges | {kib} privileges
+
+| Install the risk engine
+
 a| 
 * `manage_index_templates`
 * `manage_transform`
+* `manage_ingest_pipelines`
 
 | `all` privilege for `risk-score.risk-score-*`
 
 | **Read** for the **Security** feature 
 
+| Run the risk engine
+
+| `manage_transform`
+
+| N/A
+
+| **Read** for the **Security** feature
+
 |==============================================
 
 [discrete]