Companies have different requirements that they need for regulating internal and external identities' access to company resources. On the one hand, rule checks are used for locating rule violations and on the other hand, to prevent them. By using these rules, you can demonstrate compliance with legislated regulations such as the Sarbanes-Oxley Act (SOX). The following demands are made on compliance:
-
Compliance rules define what an employee is entitled to do or not do. For example, an identity may not have both entitlements A and B at the same time.
-
Company policies are very flexible, and can be defined for any company resources you are managing with Manager. For example, a policy might only allow identities from a certain department to own a certain entitlement.
-
Each item that an identity access can be given a risk value. A risk index can be calculated for identities, accounts, organization, roles, and for the groups of resources available for request. You can then use the risk indexes to help prioritize your compliance activities.
Some rules are preventative. For example, a request will not be processed if it violates the rules, unless exception approval is explicitly granted and an approver allows it. Compliance rules (if appropriate) and company policies are run on a regular schedule and violations appear in the identity’s Web Portal to be dealt with there. Company policies can contribute to mitigation control by reducing risk. For example, if risks are posed by identities running processes outside the One Identity Manager solution and causing violations. Reports and dashboards provide you with comprehensive compliance information
Detailed information about this topic
You can see cost center rule violations.
To display rule violations
-
In the menu bar, click Responsibilities > Governance Administration.
-
On the Governance Administration page, perform the following actions:
-
Click Organization.
-
On the Organization page, click Cost centers in the Type drop-down.
-
On the Cost Centers page, click the cost center whose rule violations you want to display.
-
In the details pane, click Edit.
-
On the overview page, click Compliance.
This opens the Compliance - <cost center name> page (see Compliance – Cost center (page description)).
Related topics
You can see cost center policy violations.
To display policy violations
-
In the menu bar, click Responsibilities > Governance Administration.
-
On the Governance Administration page, perform the following actions:
-
Click Organization.
-
On the Organization page, click Cost centers in the Type drop-down.
-
On the Cost Centers page, click the cost center whose policy violations you want to display.
-
In the details pane, click Edit.
-
On the overview page, click Compliance reports.
This opens the Compliance reports - <cost center name> page (see Compliance reports – Cost center (page description)).
-
In the View menu, select Policy violations.
Related topics
You can see the rule violations of identities that are assigned specific cost centers.
To display rule violations of a cost center's members
-
In the menu bar, click Responsibilities > Governance Administration.
-
On the Governance Administration page, perform the following actions:
-
Click Organization.
-
On the Organization page, click Cost centers in the Type drop-down.
-
On the Cost Centers page, click the cost center whose rule violations you want to display.
-
In the details pane, click Edit.
-
On the overview page, click Compliance reports.
This opens the Compliance reports - <cost center name> page (see Compliance reports – Cost center (page description)).
-
In the View menu, select Compliance rule violations.
Related topics
