After you have entered the main data, you can run the following tasks.
Attestation and recertification
One Identity Manager users for attestation
Attestation base data
Approval processes for attestation cases
Attestation types
Attestation procedure
Attestation policies
General main data of an attestation procedure
Defining reports for attestation
Default attestation procedures
Additional tasks for attestation procedures
Attestation schedules
Compliance frameworks
Chief approval team
Attestation policy owners
Standard reasons for attestation
General main data of attestation policies
Specifying risk indexes for attestation guidelines
Default attestation policies
Additional tasks for attestation policies
Sample attestation
The attestation policy overview
Assigning approvers to attestation policies
Assigning compliance frameworks to attestation policies
Mitigating controls
Running attestation for single objects
Showing or hiding conditions
Copy attestation policies
Showing selected objects
Deleting attestation policies
Disabling attestation policies
Reports about attestations
Creating, editing, deleting samples
General main data of samples
Managing sample data
Generating sample data automatically
Using samples with attestation policies
Displaying the sample overview
Default sample for attesting memberships in system entitlements
Custom mail templates for notifications
Creating and editing attestation mail templates
General properties of a mail template
Creating and editing a mail definition
Copying mail templates for attestation
Displaying attestation mail templates previews
Deleting mail templates for attestation
Custom notification processes
Suspending attestation
Approval policies for attestations
Attestation sequence
General main data of approval policies
Default approval policies
Additional tasks for approval policies
Approval workflow for attestations
Working with the workflow editor
Setting up approval workflows
Selecting attestors
Editing approval levels
Editing approval steps
Properties of an approval step
Connecting approval levels
Additional tasks for approval workflows
Deleting approval workflows
Default approval workflows
Default approval procedures
Setting up multi-factor authentication for attestation
Prevent attestation by employee awaiting attestation
Attestation by peer group analysis
Managing attestation cases
Using attestation policies to find attestors
Using roles of employees to be attested to find attestors
Using attestation objects to find attestors
Determining attestors using the attestation objects' service item
Using attestation object managers to find attestors
Using persons responsible for attestation objects to find attestors
Using a specified role to find attestors
Using product owners to find attestors
Using owners of a privileged object to find attestors
Using additional Active Directory group owners to find attestors
Using owners of the attestation objects to find attestors
Using employees assigned to user accounts to find attestors
Determining attested employee as attestor
Calculated approval
Approvals to be made externally
Waiting for further approval
Setting up approval procedures
Additional tasks for approval procedures
Overview of the approval procedure
Specifying permitted approval procedures for tables
Copying an approval procedure
Deleting approval procedures
Determining the responsible attestors
Starting attestation
Additional tasks for attestation cases
Modifying approval workflows for pending attestation cases
Closing attestation cases for deactivated employees
Deleting attestation cases
Notifications in the attestation process
Default attestation and withdrawal of entitlements
Requesting attestation
Reminding attestors
Scheduling attestation requests
Reminding attestors about attestation objects
Granting or denying attestation cases
Notifying delegates
Canceling attestation cases
Escalation of attestation cases
Delegating attestations
Rejecting approvals
Notifications with questions
Notifications from additional attestors
Link for verifying new external users
Default mail templates
Attestation by mail
Adaptive cards attestation
Attesting system entitlements
System role attestation
Application role attestation
Business role attestation
User attestation and recertification
One Identity Manager users for attesting and recertifying users
Configuring user attestation and recertification
Attesting new users
Mitigating controls
Self-registration of new users in the Web Portal
Adding new employees using a manager or employee administrator
Importing new employee main data
Scheduled attestation
Limiting attestation objects for certification
Recertifying existing users
General main data of mitigating controls
Additional tasks for mitigating controls
Calculating mitigation
Setting up attestation in a separate database
Requirements for the central database
Setting up work databases
Setting up synchronization between central and work databases
Setting up and running attestations in the work database
Configuration parameters for attestation
Additional tasks for mitigating controls
Mitigating controls overview
You can see the most important information about a mitigating control on the overview form.
To obtain an overview of a mitigating control
-
In the Manager, select the Risk index functions > Mitigating controls category.
-
Select the mitigating control in the result list.
-
Select the Mitigating control overview task.
Assigning attestation policies
Use this task to specify for which attestation policies the mitigating control is valid.
To assign attestation policies to mitigating controls
-
In the Manager, select the Risk index functions > Mitigating controls category.
-
Select the mitigating control in the result list.
-
Select the Assign attestation polices task.
Assign the attestation policies in Add assignments.
TIP: In Remove assignments, you can remove the assignment of attestation policies.
To remove an assignment
-
Select the approval policy and double-click
.
-
- Save the changes.
Calculating mitigation
The reduced risk index is calculated from the company policy and the significance reduced sum of all assigned mitigating controls.
Risk index (reduced) = Risk index - sum significance reductions
If the significance reduction sum is greater than the risk index, the reduced risk index is set to 0.