Identity Manager 9.0 LTS - Authorization and Authentication Guide

NOTE: This application role is available if the Company Policies Module is installed.

The following application roles are available for managing company policies:

Table 4: Application roles for company policies
Application role	Description
Administrators	Administrators must be assigned to the Identity & Access Governance \| Company policies \| Administrators application role. Users with this application role: Enter base data for setting up company policies. Set up policies and assign policy supervisors to them. Can calculation policies and view policy violations if required. Set up reports about policy violations. Enter mitigating controls. Create and edit risk index functions. Administer application roles for policy supervisors, exception approvers and attestors. Set up other application roles as required.
Policy supervisors	Policy supervisors must be assigned to the Identity & Access Governance \| Company policies \| Policy supervisors application role or another child application role. Users with this application role: Are responsible for the contents of company policies. Edit working copies of company policies. Enable and disable company policies. Can calculation policies and view policy violations if required. Assign mitigating controls.
Exception approvers	Exception approvers must be assigned to the Identity & Access Governance \| Company policies \| Exception approvers application role or a child application role. Users with this application role: Edit policy violations. Can grant exception approval or revoke it.
Attestors	Attestors must be assigned to the Identity & Access Governance \| Company policies \| Attestors application role. Users with this application role: Attest company policies and exception approvals in the Web Portal for which they are responsible. Can view the main data for these company policies but not edit them. NOTE: This application role is available if the module Attestation Module is installed.

Application roles for attestation

NOTE: This application role is available if the Attestation Module is installed.

The following application roles are available for managing attestation procedures:

Table 5: Application roles for attestation
Application role	Description
Administrators	Administrators are assigned to the Identity & Access Governance \| Attestation \| Administrators application role. Users with this application role: Define attestation procedures and attestation policies. Create approval policies and approval workflows. Specify which approval procedure to use to find attestors. Set up attestation case notifications. Configure attestation schedules. Enter mitigating controls. Create and edit risk index functions. Monitor attestation cases. Manage application roles for attestation policy owners. Maintain members of the chief approval team.
Chief approval team	The chief approver must be assigned to the Identity & Access Governance \| Attestation \| Chief approval team application role. Users with this application role: Approve using attestation cases. Assign attestation cases to other attestors.
Attestors for external users	Attestors for external users must be assigned to the Identity & Access Governance \| Attestation \| Attestors for external users application role. Users with this application role: Attests new, external employees.
Attestation policy owner	Owners of attestation policies must be assigned to a child application role of the Identity & Access Governance \| Attestation \| Attestation policy owners application role. Users with this application role: Are responsible for its content and handle the attestation policies assigned to it. Assign the attestation procedure, approval policy, and calculation schedule. Assign approvers, mitigating controls, and compliance frameworks. Monitor attestation cases and attestation runs.

NOTE: Attestors in charge are determined through approval procedures. Other application roles may be applied here. Application roles for attestors are defined in different module and are available if the Attestation Module is installed.

Application roles for subscribable reports

NOTE: This application role is available if the module Report Subscription Module is installed.

The following application role is available for managing subscribable reports:

Table 6: Application roles for subscribable reports
Application role	Description
Administrators	Administrators must be assigned to the Identity & Access Governance \| Company policies \| Report Subscriptions application role. Users with this application role: Create subscribable reports from existing reports. Configure report parameters for subscribable reports. Assign subscribable reports to employees, company structures or IT Shop shelves. Create custom mail templates for sending subscribed reports by email.

Veuillez sélectionner votre produit

Afin de mieux répondre à vos besoins, précisez l'objet du tchat:

Solutions recommandées pour votre problème

Identity Manager 9.0 LTS - Authorization and Authentication Guide

Application roles for company policies

Application roles for attestation

Application roles for subscribable reports

Application roles for management levels