Specify which mitigating controls apply to the selected role.
To assign mitigating controls to a rule
-
In the Manager, select the Identity Audit > Rules > Working copies of rules category.
-
Select the working copy in the result list.
-
Select the Assign mitigating controls task.
-
In the Add assignments pane, double-click the mitigating controls you want to assign.
– OR –
In the Remove assignments area, double-click mitigating controls to remove assignments.
- Save the changes.
NOTE: Mitigating controls assigned to the SAP functions for testing are automatically transferred into compliance rules about SAP functions.
Prerequisites
For more information about this, see the One Identity Manager Administration Guide for the SAP R/3 Compliance Add-on.
To create a mitigating control for rules
-
In the Manager, select the Identity Audit > Rules > Working copies of rules category.
-
Select a working copy in the result list.
-
Select the Assign mitigating controls task.
-
Select the Create mitigating controls task.
-
Enter the main data of the mitigating control.
- Save the changes.
-
Select the Assign rules task.
-
In the Add assignments pane, double-click the rules you want to assign.
- Save the changes.
Detailed information about this topic
When you enable the working copy, the changes are transferred to the original rule. A rule is added to a new working copy. Only original rules are taken into account by rule checking.
To enable a working copy
-
In the Manager, select the Identity Audit > Rules > Working copies of rules category.
-
Select the working copy in the result list.
-
Select the Enable working copy task.
- Confirm the security prompt with OK.
TIP: In the Manager, all working copies with a different condition to that of the original rule are displayed in the Identity audit > Rules > Working copies of rules > Modified working copies category.
There are several tasks available for a working copy that immediately perform a rule check. For more information, see Checking compliance rules.
