Companies have different requirements for regulating the access of internal and external identities to company resources. Rule checks are used both to locate rule violations and to prevent them. By using these rules, you can demonstrate compliance with legislated regulations such as the Sarbanes-Oxley Act (SOX). The following demands are made on compliance:
- Compliance rules define what an identity is entitled to do or not do. For example, an identity may not have both entitlements A and B at the same time.
- Company policies are very flexible, and can be defined for any company resources you are managing with Manager. For example, a policy might only allow identities from a certain department to own a certain entitlement.
- Each item that an identity can access can be given a risk value. A risk index can be calculated for identities, accounts, organization, roles, and for the groups of resources available for request. You can then use the risk indexes to help prioritize your compliance activities.

Some rules are preventative. For example, a request will not be processed if it violates the rules, unless exception approval is explicitly granted and an approver allows it. Compliance rules (if appropriate) and company policies are run on a regular schedule, and violations appear in the identity's Web Portal to be dealt with there. Company policies can contribute to mitigation control by reducing risk, for example, if risks are posed by identities running processes outside the One Identity Manager solution and causing violations. Reports and dashboards provide you with comprehensive compliance information.
You can use items on the Compliance menu to perform various actions and collect information. The following tables provide you with an overview of the menu items and actions that can be run here.
| Menu | Menu item | Description |
|---|---|---|
| Compliance | | |
| | | Here you can make approval decisions about pending rule violations. |
| | | Here you can display all the approvals that you made about rule violations. |
| | | Here you can make approval decisions about pending policy violations. |
| | | Here you can display all the approvals that you made about policy violations. |
| | | Here you can display all rule violations. |
| | | Here you can display all policy violations. |
| | | Here you can display and edit all risk index functions. |
| | | Here you can display all compliance frameworks. |
| | | Here you can display objects (for example, identities) with increased risk index. |
| | | Here you can display all the compliance rules and corresponding rule violations. |
| | | Here you can display all the company policies and corresponding policy violations. |
| | | Here you can display all compliance rules with SAP functions and the user accounts that violate these rules. |
| | | Here you can display rule violations of identities assigned to critical SAP functions. |