Chat now with support
Chat with Support

Identity Manager 9.2.1 - Web Designer Web Portal User Guide

General tips and getting started Managing reports Security keys (WebAuthn) Requests
Setting up and configuring request functions Requesting products Managing the Saved for Later list Pending requests Displaying request history Resubmitting requests Canceling requests Renewing products with limit validity periods Unsubscribing products Displaying requests Undoing approvals Managing request inquiries directed at you Auditing requests Managing escalated requests
Attestation
Managing attestation inquiries directed at you Managing attestations Attestors for attestation cases Displaying attestation history Auditing attestations My attestation cases Managing escalated attestation cases Pending attestations
Compliance Responsibilities
Auditing
Auditing departments Auditing application roles Auditing devices Auditing business roles Auditing identities Auditing cost centers Auditing multi-request resources Auditing multi requestable/unsubscribable resources Auditing resources Auditing software Auditing locations Auditing system roles Auditing system entitlements Auditing assignment resources
Managing task delegations Ownerships Governance administration
Managing departments Managing business roles Managing identities Managing cost centers Managing multi-request resources Managing multi requestable/unsubscribable resources Managing resources Managing locations System entitlements Managing system roles Managing assignment resources
My responsibilities
Specifying keywords for requestable products Managing my departments Managing my application roles Managing my devices Managing my business roles Managing my identities Managing my cost centers Managing my multi-request resources Managing my multi requestable/unsubscribable resources Managing my resources Managing my software applications Managing my locations Managing my system entitlements Managing my system roles Managing my assignment resources
Opening other web applications Managing tickets Discovering your statistics on the home page Appendix: Attestation conditions and approval policies from attestation procedures Appendix: Page and menu descriptions
Information (menu description) My requests (menu description) Profile (menu description) Help (menu description) Request (menu description) Attestation (menu description)
My attestation status (page description) My actions (page description)
Pending attestations (page description)
Pending attestations – Attestation policies (page description) Pending attestations: One Identity Manager application roles (page description) Pending attestations: Departments (page description) Pending attestations: System roles (page description) Pending attestations: Locations (page description) Pending attestations: Business roles (page description) Pending attestations: PAM assets (page description) Pending attestations: PAM user accounts (page description) Pending attestations: Identities (page description) Pending attestations: Cost centers (page description) Pending attestations: User accounts (page description) Pending attestations: System entitlements (page description) Pending attestations: Resources (page description) Pending attestations: Assignment resources (page description) Pending attestation: Multi-request resources (page description) Pending attestations: Software (page description) Pending attestations: Multi requestable/unsubscribable resources (page description) Pending attestations: Devices (page description) Pending attestations – approvals (page description)
Attestation history (page description) Attestation inquiries (page description)
Auditing (page description) Governance administration (page description) Attestation escalation approval (page description)
Compliance (menu description) Responsibilities (menu description)
My responsibilities (page description)
Identities (page description) System entitlements (page description) Business roles (page description) System roles (page description) Departments (page description) Cost centers (page description) Locations (page description) Application roles (page description) Resources (page description) Assignment resources (page description) Multi-request resources (page description) Software (page description) Multi requestable/unsubscribable resources (page description) Devices (page description)
Delegating tasks (page description) Ownerships (page description) Auditing (page description)
Auditing – Departments (page description) Auditing – Application roles (page description) Auditing – Device (page description) Auditing – Business roles (page description) Auditing – Identity details (page description) Auditing – Cost center (page description) Auditing – Multi-request resources (page description) Auditing – Multi requestable/unsubscribable resources (page description) Auditing - Resources (page description) Auditing – Software (page description) Auditing – Locations (page description) Auditing – System roles (page description) Auditing - Assignment resource (page description) Auditing – Active Directory (page description) Auditing – Azure Active Directory (page description) Auditing – Custom target system group (page description) Auditing – Google Workspace (page description) Auditing – Domino (page description) Auditing – LDAP (page description) Auditing – Oracle E-Business Suite (page description) Auditing – Privileged Account Management (page description) Auditing – SAP R/3 (page description) Auditing – Unix (page description)
Governance administration (page description)
Business roles (page description) Identities (page description) Multi-request resources (page description) Multi requestable/unsubscribable resources (page description) Organization (page description) Resources (page description) System entitlements (page description) System roles (page description) Assignment resources (page description)
Tickets (menu description)

Governance administration (page description)

Open Governance Administration page go to Attestation > Governance Administration.

Attestations start with attestation policies. You use these policies to specify which objects are designated for attestation and when and how often they are run.

Managers or others responsible for compliance can use attestation policies to run the following tasks.

  • Authorize access

  • Setting up permissions

On the Governance Administration page you can perform various actions to do with attestation policies and attestation runs.

To do this, click on one of the tiles:

Table 220: Tiles

Tiles

Description

Attestation runs

You select the following actions:

  • Display attestations runs whose progress is shown as a prediction

  • Renew attestation runs

  • Send approver reminders

Attestation policy settings

You select the following actions:

  • Displaying attestation policies

  • Setting up attestation policies

  • Copying attestation policies

  • Editing attestation policies

  • Deleting attestation policies

Attestation runs (page description)

To open the Attestation runs page go to Attestation > Governance Administration > Attestation runs.

On the Attestation Runs page, you can:

  • Display attestations runs whose progress is shown as a prediction

  • Renew attestation runs

  • Send approver reminders

The following tables give you an overview of the different functions and content on the Attestation runs page.

Table 221: Controls

Control

Description

Min Category

You can use the options to select the attestation runs you want to display:

  • Good: Displays attestation runs that are rated as good.
  • Mediocre: Displays attestation runs that are rated as mediocre.
  • Bad: Displays attestation runs that are rated as bad.

Reminder attestors of all visible runs

Use this button to send reminder emails to all identities that still have attestation cases to approve in the attestation runs displayed.

Table 222: Controls in the attestation policy's details pane

Control

Description

Extending an attestation run

Use this button to renew the attestation run.

Send reminder

Use this button to send reminder emails to all identities that still have attestation cases to approve in the selected attestation runs.

Attestors > Send reminder

Use this button to send reminder emails to individual identities that still have attestation cases to approve in the selected attestation runs.

Table 223: Columns

Column

Description

Attestation policy

Shows the name of the attestation policy used in the attestation run.

Run started

Show when the attestation run started.

Due date

Shows when the attestation case must be completed.

Progress so far

Show the progress of completed attestation cases in this attestation run. The color of the bar refers to the percentage of the attestation run's progress.

  • Red: Progress under 70%

  • Orange: Progress between 70% and 90%

  • Green: Progress over 90%

TIP: You can show less data by using the column filters. For more information, see Filtering.

TIP: On the following tabs, you can show other useful information about each attestation run in the pane. To do this, click the appropriate instance in the list.

  • Details: Shows general information about attestation runs, details of associated attestation cases and an attestation prediction.

  • Attestors: Show the attestors for the selected attestation runs along with the number of pending and closed attestation cases. You can select attestors and send a reminder email.

Managing attestation policy (page description)

To open the Attestation Policy Settings page go to Attestation > Governance Administration > Attestation Policy Settings.

On the Attestation Policy Settings page, you can:

  • Display attestation policies

  • Set up attestation policies

  • Copy attestation policies

  • Edit attestation policies

  • Delete attestation policies

The following tables give you an overview of the various features and content on the Attestation Policy Settings page.

Table 224: Controls

Control

Description

Edit

Opens the Edit attestation policy page (see Editing attestation policies (page description)).

Use this button to edit the attestation policy. For example, you can:

  • Set up a schedule after the attestation case is generated

  • Disable the attestation policy

  • Select an identity to be responsible for granting or denying approval of attestation cases

  • Enable or disable automatic closing of obsolete attestation cases by the system

  • Create/edit condition for ascertaining which objects to attest

Copy

Use this button to copy the attestation policy.

Delete

Use this button to delete the attestation policy.

Show disabled policies

Use this button to display disabled attestation policies. For example, you can display a disabled attestation policy to edit and re-enable it.

New attestation policy

Use this button to create a new attestation policy. This opens the Create New Attestation Policy page.

Table 225: Columns

Column

Description

Attestation policy

Shows you the name of the attestation policy.

Attestation procedure

Shows you the name of the attestation procedure used by the attestation policy.

Compliance frameworks

Shows you the name of the compliance frameworks used by the attestation policy.

Compliance frameworks are used for classifying attestation policies, compliance rules, and company policies according to regulatory requirements.

Calculation schedule

Shows you how often an attestation run is started with this attestation policy. Each attestation run creates a new attestation case respectively.

Owner

Shows you the name of the identity that created the attestation policy.

Actions

Using the buttons (see the previous table) you can edit, copy, or delete the attestation policy.

TIP: You can show less data by using the column filters. For more information, see Filtering.

Creating new attestation policies (page description)

To open the Create New Attestation Policy page go to Attestation > Governance Administration > Attestation Policy Settings > New attestation policy.

On the Create New Attestation Policy page you can create a new attestation policy.

The following tables give you an overview of the various features and content on the Attestation Policy Settings page.

Table 226: Controls

Control

Description

Create

Use this button to save the attestation policy with your settings.

Cancel

Use this button to cancel creation of the new attestation policy.

You can specify the following main data.

Table 227: Attestation policy main data

Property

Description

Disabled

Specify whether the attestation policy is disabled or not. Attestation cases cannot be added to disabled attestation policies and, therefore, no attestation is done. Closed attestation cases can be deleted once the attestation policy is disabled.

Attestation policy

Enter a name for the attestation policy.

Description

Enter a description of the attestation policy.

Attestation procedure

Click Assign/Change and specify which objects will be attested with this attestation policy.

NOTE: The selection of the attestation procedure is crucial. The selected attestation procedure determines, amongst other things, the available options when conditions are added. The available options are modified to match the attestation procedure.

Approval policies

Specify who can approve the attestations. Depending on which attestation procedure you selected, different approval policies are available.

Attestors

Click Assign/Change and then select the identities that can make approval decisions about attestation cases.

NOTE: This field is only shown if you have selected an attestation policy in the Attestation policy menu that demands attestation by an approver (for example, Attestation by selected approvers).

Calculation schedule

Specify how often an attestation run is started with this attestation policy. Each attestation run creates a new attestation case respectively.

Time required (days)

Specify how many days attestors have to make an approval decision about the attestation cases governed by this policy. If you do not want to specify a time, enter 0.

Owner

Select the identity that is responsible for this attestation policy. This identity can view and edit the attestation policy.

Risk index

Use the slider to define the attestation policy's risk index. This value specifies the risk for the company if attestation for this attestation policy is denied.

Compliance frameworks

Click Assign/Change and select the relevant compliance frameworks for the attestation policy.

Compliance frameworks are used for classifying attestation policies, compliance rules, and company policies according to regulatory requirements.

Close obsolete tasks automatically

Specify whether attestation cases pending for this attestation policy are automatically closed if new attestation cases are created (for example, when there is a new attestation run of this attestation policy).

If an attestation run with this attestation policy is started and the option is set, new attestation cases are created according to the condition. All pending, obsolete attestation cases for newly determined attestation objects of this attestation policy are stopped. Attestation cases for attestation objects that are not recalculated, remain intact.

Approval by multi-factor authentication

Specify whether approvals about attestation cases governed by this attestation policy require multifactor authentication.

In the Object selection, you use conditions to specify which objects are to be attested. The following table gives you an overview of the various features in the Object selection view.

Table 228: Controls in the object selection

Control

Description

All conditions must be fulfilled:

Enable this option to have new attestation cases created for all objects that meet each of the conditions the next time the attestation policy is run. If one of the objects to attest does not fulfill a condition, this object is not attested. In addition, use of this option generates a intersecting set of all the individual conditions of the selected objects.

At least one condition must be fulfilled:

Enable this option so that new attestation cases are created for all objects that meet at least one of the conditions the next time the attestation policy is run. Use of this option generates a superset of all the individual conditions of the selected objects.

Add condition

Use this button to create a new condition. Conditions specify which objects to attest. For more information about the different conditions, see Appendix: Attestation conditions and approval policies from attestation procedures.

Number of objects matching in total

Click the displayed number to preview all objects that to attest.

Edit condition

Use this button to edit an existing condition.

Delete condition

Use this button to delete and an existing condition.

Refresh

Use this button to update the total number of matching objects.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating