You can see the most important information about a mitigating control on the overview form.
To obtain an overview of a mitigating control
Use this task to specify for which company policies the mitigating control is valid. You can only assign company policy working copies on the assignment form.
To assign company policies to mitigating controls
- OR -
Double-click on the company policies you want to remove in Remove Assignment.
The significance reduction of a mitigating control supplies the value by which to reduce risk index if the control is implemented. One Identity Manager calculates a reduced risk index based on the risk index and the significance reduction. One Identity Manager supplies default functions for calculating reduced risk indexes. These functions cannot be edited with One Identity Manager tools.
The reduced risk index is calculated from the and the significance reduced sum of all assigned mitigating controls.
Risk index (reduced) = Risk index - sum significance reductions
If the significance reduction sum is greater than the risk index, the reduced risk index is set to 0.
The following configuration parameters are additionally available in One Identity Manager after the module has been installed. Some general configuration parameters are relevant for company policies. The following table contains a summary of all applicable configuration parameters for company policies.
Configuration parameter | Meaning |
---|---|
QER\Policy |
Preprocessor relevant configuration parameter for controlling company policy validation. Changes to the parameter require recompiling the database. If the parameter is enabled the target system modules are available. |
QER\Policy\EmailNotification |
This parameter is used for mail notifications. Information about notifications during company policy checks is stored under the parameter. |
QER\Policy\EmailNotification\DefaultSenderAddress | This configuration parameter contains the sender email address for automatically generated messages within company policy checking. |
QER\Policy\EmailNotification\NewExceptionApproval |
This configuration parameter contains the name of the mail template, which is sent if an approval exception for a new policy violation is required. |
QER\Policy\EmailNotification\NotPermittedViolation |
This configuration parameter contains the name of the mail template which is sent if a new rogue policy violation occurs. |
QER\CalculateRiskIndex | Preprocessor relevant configuration parameter controlling system components for calculating an employee's risk index. Changes to the parameter require recompiling the database.
If the parameter is set, values can be entered and calculated for the risk index. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy