Chat now with support
Chat with Support

Identity Manager 9.3 - Web Portal User Guide

General tips and getting started Managing background processes Managing reports Managing security keys (WebAuthn) Requests
Setting up and configuring request functions Requesting products Managing the Saved for Later list Pending requests Displaying request history Displaying archived requests Sharing products with others Resubmitting requests Canceling requests Renewing products with limit validity periods Unsubscribing products Displaying approvals Undoing request approvals Managing request inquiries directed at you
Attestation
Managing attestations Managing attestation inquiries directed at you Displaying attestation history Managing your own attestation cases Managing pending attestations Revoking attestation case approvals
Compliance Managing risk index functions Responsibilities
Managing task delegations Ownerships Managing my responsibilities
Managing my departments Managing my application roles Managing my devices Managing my business roles Managing my identities Managing my cost centers Managing my multi-request resources Managing my multi requestable/unsubscribable resources Managing my resources Managing my software applications Managing my locations Managing my system entitlements Managing my system roles Managing my assignment resources Managing my team role
Managing responsibilities of my reports
Managing data
Managing departments Managing application roles Managing user accounts Managing business roles Managing identities Managing cost centers Managing multi-request resources Managing multi requestable/unsubscribable resources Managing resources Managing locations Managing system entitlements Managing system roles Managing assignment resources
Opening other web applications Managing tickets Statistics Appendix: Attestation conditions and approval policies from attestation procedures

Managing rule violations

Compliance rules that are violated generate rule violations. Rule violation exceptions can be granted or denied.

Detailed information about this topic

Displaying approvable rule violations

You can display rule violations that you can approve. In doing so, you can additionally display rule violations that already have an approval decision.

To display rule violations

  1. In the menu bar, click Compliance > Rule violations.

    This opens the Rule Violations page and displays all the rule violations that are still subject to approval.

  2. (Optional) To control which rule violations are displayed, perform the following actions:

    1. Click (Filter).

    2. In the Filter Data side panel, enable the relevant filter options.

    3. Click Apply filter.

  3. (Optional) To display details of a rule violation, click the appropriate rule violation.

Related topics

Assigning mitigating controls to rule violations

Mitigating controls can be assigned to rule violations to reduce the risk of rule violations.

NOTE: You can assign only mitigating controls that are also assigned to the compliance rules that are violated.

NOTE: You can only assign mitigating controls to a rule violation if your system is configured appropriately. Otherwise, the mitigating controls assigned to the compliance rule are automatically assigned to every other related rule violation.

To assign mitigating controls to a rule violation

  1. In the menu bar, click Compliance > Rule violations.

  2. On the Rule Violations page, click the rule violation to which you want to assign mitigating controls.

  3. In the View Rule Violation Details side panel, click the Mitigating Controls tab.

  4. On the Mitigating Controls tab, click Assign mitigating controls.

  5. In the drop-down, select the mitigating control that you want to assign to the rule violation.

  6. (Optional) To assign other mitigating controls, click (Assign mitigating control).

  7. Click Save.

Displaying rule violations of identities with critical SAP functions

Identities that have access to certain critical SAP functions, may violate compliance rules and can pose a significant security threat. You can analyze and determine these identities in order to prepare countermeasures.

You can display rule violations of identities that violate compliance rules containing SAP functions. For each identity, you can find out which compliance rule was violated and which SAP function was involved in the rule violation. If a compliance rule with a high rating has been violated by an SAP function with a high rating, you must act immediately.

To display rule violations of identities with critical SAP functions

  1. In the menu bar, click Compliance > Rule violations.

  2. On the Rule Violations page, click (Filter).

  3. In the Filter data side panel, select the Compliance rules containing SAP function instances check box.

  4. Click Apply filter.

    This displays all the rule violations of compliance rules containing SAP functions.

  5. (Optional) To determine whether a rule violation was caused by the role or the instance, perform the following:

    1. Click the relevant rule violation.

    2. In the View Rule Violation Details side panel, click the SAP Functions tab.

    3. On the SAP functions tab, in the SAP user account drop-down, select the SAP user account you want to analyze.

    4. Perform one of the following actions:

      • To display details about rule violations of roles and profiles, click By role

      • To display details of SAP functions and transactions, click By ability.

        TIP: To display the objects grouped by SAP function instance or SAP transaction, click Group and then SAP function instance or SAP transaction.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating