Chat now with support
Chat with Support

Identity Manager 8.0 - Attestation Administration Guide

Attestation and Recertification
One Identity Manager Users for Attestation Attestation Base Data Attestation Policies Creating Custom Mail Templates for Notifications
Approval Processes for Attestation Cases
Approval Policies Approval Workflows Selecting Attestors Setting up Multi-Factor Authentication for Attestation Prevent Attestation by Employee Awaiting Attestation Managing Attestation Cases
Attestation Sequence Default Attestation and Withdrawal of Entitlements User Attestation and Recertification Mitigating Controls Configuration Parameters for Attestation

Additional Tasks for Mitigating Controls

After you have entered the master data, you can apply different tasks to it. The task view contains different forms with which you can run the following tasks.

The Mitigating Controls Overview

The Mitigating Controls Overview

You can see the most important information about a mitigating control on the overview form.

To obtain an overview of a mitigating control

  1. Select the category Risk index functions | Mitigating controls.
  2. Select the mitigating control in the result list.
  3. Select the task Mitigating control overview.

Assigning Attestation Policies

Assigning Attestation Policies

Use this task to specify for which attestation policies the mitigating control is valid.

To assign attestation policies to mitigating controls

  1. Select the category Risk index functions | Mitigating controls.
  2. Select the mitigating control in the result list.
  3. Select Assign attestation polices in the task view.
  4. Double-click on the attestation policies you want to assign in Add Assignments

    - OR -

    Double-click on the attestation policies you want to remove in Remove Assignment.

  5. Save the changes.

Calculating Mitigation

Calculating Mitigation

The significance reduction of a mitigating control supplies the value by which to reduce an attestation's risk index if the control is implemented. One Identity Manager calculates a reduced risk index based on the risk index and the significance reduction. One Identity Manager supplies default functions for calculating reduced risk indexes. These functions cannot be edited with One Identity Manager tools.

The reduced risk index is calculated from the attestation policy and the significance reduced sum of all assigned mitigating controls.

Risk index (reduced) = Risk index - sum significance reductions

If the significance reduction sum is greater than the risk index, the reduced risk index is set to 0.

Related Documents