Chat now with support
Chat with Support

Identity Manager 9.1.2 - Administration Guide for the SAP R/3 Compliance Add-on

SAP functions and identity audit Setting up a synchronization project for synchronizing SAP authorization objects Setting up SAP functions Compliance rules for SAP functions Mitigating controls for SAP functions Configuration parameters for SAP functions Default project template for the SAP R/3 Compliance Add-on Module Referenced SAP R/3 tables and BAPI calls

More rule violation reports

One Identity Manager makes various reports available containing information about the selected base object and its relations to other One Identity Manager database objects. Additional reports can be created for enabled compliance rules for SAP functions.

Table 18: Reports about rule violations with SAP functions

Report

Description

Rule violations with SAP applications

This report groups together all rule violations for the selected rule. It supplies results for rules that verify SAP functions.

All function instances are listed with their SAP applications for each employee through which they violated the rule. SAP profiles and their authorization objects that match the SAP function are displayed for each SAP function.

Rule violations with SAP roles

This report groups together all rule violations for the selected rule. It supplies results for rules that verify SAP functions.

SAP groups, SAP roles, and SAP profiles with their authorization objects are listed for each employee through which they violated the rule.

SAP roles and profiles with rule violations

The report shows all SAP roles and profiles that match SAP functions and thereby violate the selected rule.

Mitigating controls for SAP functions

Violation of regulatory requirements can harbor different risks for companies. To evaluate these risks, you can apply risk indexes to SAP functions. These risk indexes provide information about the risk involved for the company if this particular SAP function is violated. Once the risks have been identified and evaluated, mitigating controls can be implemented.

Mitigating controls are independent on One Identity Manager’s functionality. They are not monitored through One Identity Manager.

Mitigating controls describe controls that are implemented if an SAP function was violated. The next calculation should not find any invalid authorizations for this SAP function once the controls have been applied.

To edit mitigating controls

  • In the Designer, set the QER | CalculateRiskIndex configuration parameter and compile the database.

If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

For more information about risk mitigation controls, see the One Identity Manager Risk Assessment Administration Guide.

Detailed information about this topic

Entering main data for mitigating controls

To create or edit mitigating controls

  1. In the Manager, select the Risk index functions > Mitigating controls category.

  2. Select a mitigating control in the result list and run the Change main data task.

    - OR -

    Click in the result list.

  3. Edit the mitigating control main data.

  4. Save the changes.

Enter the following main data of mitigating controls.

Table 19: General main data of a mitigating control

Property

Description

Measure

Unique identifier for the mitigating control.

Significance reduction

When the mitigating control is implemented, this value is used to reduce the risk of denied attestation cases. Enter a number between 0 and 1.

Description

Detailed description of the mitigating control.

Functional area

Functional area in which the mitigating control may be applied.

Department

Department in which the mitigating control may be applied.

Related topics

Mitigating controls overview

You can see the most important information about a mitigating control on the overview form.

To obtain an overview of a mitigating control

  1. In the Manager, select the Risk Index Functions category.

  2. Select the Mitigating controls category.

  3. Select the mitigating control in the result list.

  4. Select Mitigating control overview category.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating