Auditing is a submenu of Compliance. You can execute various actions, such as viewing all requests or viewing all approved requests, depending on which entitlements you have been assigned. These actions can be called up over tiles.
Auditing is a submenu of Compliance. You can execute various actions, such as viewing all requests or viewing all approved requests, depending on which entitlements you have been assigned. These actions can be called up over tiles.
NOTE: This function is only available if the module Company Policies Module or Compliance Rules Module is installed.
All employees that have violated rules are displayed under Rule violations. Auditing - Rule violations shows you all rule violations within a selected time period. Rule violations that have been granted or denied exceptions or are pending are shown in Rule violation.
Some functions have already been described in the menu Pending rule violations. You can find all the functions available in this menu listed under "Detailed information about this topic".
To open "Rule violations"
NOTE: This function is only available if the module Company Policies Module or Compliance Rules Module is installed.
All employees that have violated policies are displayed under Policy violations. Auditing - Policy violations shows you all rule violations within a selected time period. Policy violations that have been granted or denied exceptions or are pending, are shown in Pending policy violations.
Some functions have already been described in the menu Pending rule violations. You can find all the functions available in this menu listed under "Detailed information about this topic".
To open “Policy violations"
NOTE: This function is only available if Compliance Rules Module, Governance Base Module, Company Policies Module ,or Attestation Module is installed.
Companies have different requirements that they need for regulating internal and external employee access to company resources. On the one hand, rules are used for locating rule violations and on the other hand, to prevent them. They may also have to demonstrate that they adhere to legislated regulations such as the Sarbanes-Oxley Act (SOX). The following demands are made on compliance.
Some rules are preventative: A request will not be processed if it is in violation, unless exception approvals are specifically allowed, and an approver allows it. Rules (if appropriate) and policies are run on a regular schedule, and violations appear on the appropriate employee’s Web Portal for handling. Policies may have associated mitigations, which are processes that an employee can do outside of the One Identity Manager solution to reduce the risks posed by the violation. Reports and dashboards give you further insights into your state of compliance. For more information, see What statistics are available?.
Which information you see in Compliance depends heavily on your role. If you do not see a menu item that you think you should, contact your system administrator. The following overview shows which view you can see for which user roles.
| View | Description | Roles | 
|---|---|---|
| High-risk overview | Provides an overview of critical objects. The overview is divided into several parts. | Compliance and security officer | 
| Compliance frameworks | Provided details about the compliance frameworks in your environment. | Compliance framework administrator | 
| Rule violations | Provides reports on employees who violate policies. | Framework administrator, rule supervisor, and rule-exception approver | 
| Policy violations | Provides reports on objects which violate policies. | Framework administrator, policy supervisor, and rule-exception approver | 
| Rule analysis | Identifies employees who are in violation of rules related to SAP functions. You must configure SAP authorizations for testing. For more detailed information about SAP R/3 Compliance Add-on, see the One Identity Manager Identity Management Base Module Administration Guide. NOTE: the calculation of SAP functions must be activated by a manager. | Compliance framework administrator | 
| Function analysis | Specifies employees whose access to high-risk SAP function violates the rules. NOTE: the calculation of SAP functions must be activated by an manager. | Rule supervisors | 
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center