Chat now with support
Chat with Support

Identity Manager On Demand Hosted - Risk Assessment Administration Guide

Defining mitigating controls

Mitigating controls can be defined in One Identity Manager functions.

Table 9: Object types with mitigating controls
Function Object type Application Available in Module
Compliance Compliance rules Reduces the risk connection with violating rules. Compliance Rules Module
Rule violations Reduces the risk connected with the exception approval of a concrete rule violation.
SAP functions Reduces the risk of SAP user accounts matching SAP functions. SAP R/3 Compliance Add-on Module
Attestation Attestation policies Reduces the risk connected with denied attestation cases. Attestation Module
Attestation Cases Reduces the risk connected with the denial of a concrete attestation case.
Company policies Company policies Reduces the risk connection with violating policies. Company Policies Module
Policy violations Reduces the risk connected with the exception approval of a concrete policy violation.

To edit mitigating controls

  • In the Designer, set the QER | CalculateRiskIndex configuration parameter and compile the database.

If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

Use SAP to assign mitigating controls to compliance rules, Manager functions or company policies. For more information, see Additional tasks for a mitigating control.

You can assign mitigating controls directly to a specific rule violation when editing exception approval for rule violations in the Web Portal. You can assign mitigating controls direct to a specific attestation case during attestation in the Web Portal. You can assign mitigating controls directly to a specific rule violation when editing exception approval for policy violations in the Web Portal. For more information, see the .One Identity Manager Web Designer Web Portal User Guide

Main data for a mitigating control

To create or edit mitigating controls

  1. In the Manager, select the Risk index functions > Mitigating controls category.

  2. Select a mitigating control in the result list and run the Change main data task.

    - OR -

    Click in the result list.

  3. Edit the mitigating control main data.

  4. Save the changes.

Enter the following main data of mitigating controls.

Table 10: General main data of a mitigating control

Property

Description

Measure

Unique identifier for the mitigating control.

Significance reduction

When the mitigating control is implemented, this value is used to reduce the risk of denied attestation cases. Enter a number between 0 and 1.

Description

Detailed description of the mitigating control.

Functional area

Functional area in which the mitigating control may be applied.

Department

Department in which the mitigating control may be applied.

Additional tasks for a mitigating control

After you have entered the main data, you can run the following tasks.

Mitigating controls overview

You can see the most important information about a mitigating control on the overview form.

To obtain an overview of a mitigating control

  1. In the Manager, select the Risk index functions > Mitigating controls category.

  2. Select the mitigating control in the result list.

  3. Select the Mitigating control overview task.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating