Chat now with support
Chat with Support

Identity Manager 8.0 - Company Policies Administration Guide

Company Policies
One Identity Manager Users for Company Policies Base Data for Company Policies Defining Company Policies Checking Company Policies Creating Custom Mail Templates for Notifications
Mitigating Controls General Configuration Parameter for Company Policies

The Mitigating Controls Overview

The Mitigating Controls Overview

You can see the most important information about a mitigating control on the overview form.

To obtain an overview of a mitigating control

  1. Select the category Risk index functions | Mitigating controls.
  2. Select the mitigating control in the result list.
  3. Select the task Mitigating control overview.

Assigning Company Policies

Assigning Company Policies

Use this task to specify for which company policies the mitigating control is valid. You can only assign company policy working copies on the assignment form.

To assign company policies to mitigating controls

  1. Select the category Risk index functions | Mitigating controls.
  2. Select the mitigating control in the result list.
  3. Select the task Assign company policies.
  4. Double-click on the company policies you want to assign in Add Assignments

    - OR -

    Double-click on the company policies you want to remove in Remove Assignment.

  5. Save the changes.

Calculating Mitigation

Calculating Mitigation

The significance reduction of a mitigating control supplies the value by which to reduce risk index if the control is implemented. One Identity Manager calculates a reduced risk index based on the risk index and the significance reduction. One Identity Manager supplies default functions for calculating reduced risk indexes. These functions cannot be edited with One Identity Manager tools.

The reduced risk index is calculated from the and the significance reduced sum of all assigned mitigating controls.

Risk index (reduced) = Risk index - sum significance reductions

If the significance reduction sum is greater than the risk index, the reduced risk index is set to 0.

General Configuration Parameter for Company Policies

The following configuration parameters are additionally available in One Identity Manager after the module has been installed. Some general configuration parameters are relevant for company policies. The following table contains a summary of all applicable configuration parameters for company policies.

Table 27: Overview of Configuration Parameters
Configuration parameter Meaning
QER\Policy

Preprocessor relevant configuration parameter for controlling company policy validation. Changes to the parameter require recompiling the database.

If the parameter is enabled the target system modules are available.

QER\Policy\EmailNotification

This parameter is used for mail notifications.

Information about notifications during company policy checks is stored under the parameter.

QER\Policy\EmailNotification\DefaultSenderAddress This configuration parameter contains the sender email address for automatically generated messages within company policy checking.
QER\Policy\EmailNotification\NewExceptionApproval

This configuration parameter contains the name of the mail template, which is sent if an approval exception for a new policy violation is required.

QER\Policy\EmailNotification\NotPermittedViolation

This configuration parameter contains the name of the mail template which is sent if a new rogue policy violation occurs.

QER\CalculateRiskIndex Preprocessor relevant configuration parameter controlling system components for calculating an employee's risk index. Changes to the parameter require recompiling the database.

If the parameter is set, values can be entered and calculated for the risk index.

Related Documents