Using default company policies
One Identity Manager provides various default company polices as working copies. In order to include these company polices in the policy check, enable the working copies.
To use a default company policy
-
In the Manager, select the Company policies > Policies > Working copies of policies > Predefined category.
-
Select the working copy in the result list.
-
Select Enable working copy.
- Confirm the security prompt with Yes.
- Enable the original policy. Confirm the prompt with Yes.
You can customize the following default company policy properties:
TIP: If you want to edit more properties, create a copy of a default company policy. You can changes more properties in the working copy.
Deleting company policies
IMPORTANT: All information about a company policy and policy violations is irrevocably deleted when the company policy is deleted! The data cannot be retrieved at a later date.
One Identity therefore recommends that you create a report about the company policy and its current violations before deleting it, if you want to retain the information (for audit reasons, for example).
You can delete a company policy, if no policy violations exist for it.
To delete a company policy
-
In the Manager, select the Company Policies > Policies category.
-
Select the company policy to delete in the result list.
-
Select the Disable policy task.
Existing policy violations are removed by the DBQueue Processor.
-
After the DBQueue Processor has recalculated policy violations for the company policy, click 
in the toolbar to delete the company policy.
The company policy and the working copy are deleted.
Policy groups
Use policy groups to group together company policies by functionality. You can use policy to groups to structure company policies hierarchically.
To create a policy group
-
In the Manager, select the Company Policies > Basic configuration data > Policy groups category.
-
Click 
in the result list.
-
Edit the main data of the policy group.
-
Group name: Name of the policy group.
-
Parent group: Parent policy group in a hierarchy. In the drop-down, select a parent policy group from the list for organizing your policy groups hierarchically.
- Save the changes.
To edit a policy group
-
In the Manager, select the Company Policies > Basic configuration data > Policy groups category.
-
Select a policy group in the result list. Select the Change main data task.
-
Edit the main data of the policy group.
- Save the changes.
In the Policy violation overview report, you can get an overview of all policy violations for a policy group.
Compliance frameworks
Compliance frameworks are used for classifying attestation policies, compliance rules, and company policies according to regulatory requirements.
Compliance frameworks can be organized hierarchically. To do this, assign a parent framework to the compliance frameworks.
To create or edit compliance frameworks
- In the Manager, select the Company Policies > Basic configuration data > Compliance frameworks category.
-
Select a Compliance Framework in the result list and run the Change main data task.
- OR -
Click in the result list.
-
Edit the compliance framework main data.
- Save the changes.
Enter the following properties for compliance frameworks.
Table 6: Compliance framework properties
|
Compliance framework |
Name of the compliance framework. |
|
Parent framework |
Parent compliance framework in the framework hierarchy. Select an existing compliance framework in the drop-down for organizing compliance frameworks hierarchically. |
|
Manager/supervisor |
Application role whose members are allowed to edit all company rules assigned to this compliance framework |
|
Description |
Text field for additional explanation. |
