サポートと今すぐチャット
サポートとのチャット

Identity Manager 8.1.5 - Compliance Rules Administration Guide

Compliance rules and identity audit
One Identity Manager users for identity audit Basic data for setting up rules Setting up a rule base rule check Creating custom mail templates for notifications
Mitigating controls Configuration parameters for Identity Audit

Customizing email signatures

Configure the email signature for mail templates using the following configuration parameter. Edit the configuration parameters in the Designer.

Table 38: Configuration parameters for email signatures

Configuration parameter

Description

Common | MailNotification | Signature

Data for the signature in email automatically generated from mail templates.

Common | MailNotification | Signature | Caption

Signature under the salutation.

Common | MailNotification | Signature | Company

Company name.

Common | MailNotification | Signature | Link

Link to the company's website.

Common | MailNotification | Signature | LinkDisplay

Display text for the link to the company's website.

VI_GetRichMailSignature combines the components of an email signature according to the configuration parameters for use in mail templates.

Mitigating controls

Table 39: Configuration parameter for risk assessment
Configuration parameter Effect when set
QER | CalculateRiskIndex Preprocessor relevant configuration parameter controlling system components for calculating an employee's risk index. Changes to the parameter require recompiling the database.

If the parameter is enabled, values for the risk index can be entered and calculated.

Effective permissions of employees, roles, or user accounts are checked in the context of Identity Audit on the basis of regulatory requirements. Violation of regulatory requirements can harbor different risks for companies. To evaluate these risks, you can apply risk indexes to compliance rules. These risk indexes provide information about the risk involved for the company if a particular rule is violated. Once the risks have been identified and evaluated, mitigating controls can be implemented.

Mitigating controls are independent on One Identity Manager’s functionality. They are not monitored through One Identity Manager.

Mitigating controls describe controls that are implemented if a compliance rule was violated. The next rule check should not find any rule violations once the controls have been applied.

An example of a mitigating control is the assignment of system entitlements only through authorized requests in the IT Shop. If system entitlements are issued to the employee through the IT Shop, a rule check can be integrated into the request’s approval procedure. System entitlements that would lead to a rule violation are therefore assigned not at all or only after gaining exception approval. The risk that rules are violated is thus reduced.

To edit mitigating controls

  • In the Designer, set the QER | CalculateRiskIndex configuration parameter and compile the database.

For more detailed information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide.

Entering master data

To edit mitigating controls

  1. In the Manager, select the Risk index functions | Mitigating controls category.

  2. Select a mitigating control in the result list and run the Change master data task.

    - OR -

    Click in the result list.

  3. Edit the mitigating control master data.

  4. Save the changes.

Enter the following master data for mitigating controls.

Table 40: General master data for a mitigating control

Property

Description

Measure

Unique identifier for the mitigating control.

Significance reduction

When the mitigating control is implemented, this value is used to reduce the risk of denied attestation cases. Enter a number between 0 and 1.

Description

Detailed description of the mitigating control.

Functional area

Functional area in which the mitigating control may be applied.

Department

Department in which the mitigating control may be applied.

Additional tasks for mitigating controls

After you have entered the master data, you can run the following tasks.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択