Chat now with support
Chat with Support

Identity Manager 8.0 - Company Policies Administration Guide

Company Policies
One Identity Manager Users for Company Policies Base Data for Company Policies Defining Company Policies Checking Company Policies Creating Custom Mail Templates for Notifications
Mitigating Controls General Configuration Parameter for Company Policies

Exception Approvers

Employees who can issue exception approvals for policy violations can be assigned to company policies. To do this, assign an application role for exception approvers to a company policy on the master data form.

A default application role for exception approvers is available in One Identity Manager. You may create other application roles as required. For more information about application roles, see the One Identity Manager Application Roles Administration Guide.

Table 9: Default Application Role for Exception Approvers
User Task

Exception approver

Exception approvers must be assigned to the application role Identity & Access Governance | Company policies | Exception approvers or to a child role.

Users with this application role:

  • Edit policy violations.
  • Can grant exception approval or revoke it.

To edit exception approvers

  1. Select the category Company Policies | Basic configuration data | Exception approvers.
  2. Select Change master data in the task view.

    - OR -

    Select the application role in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  3. Edit the application role's master data.
    Property Value
    Parent application role Assign the application role Identity & Access Governance | Company policies | Exception approvers or a child application role.
  4. Save the changes.
  5. Select the task Assign employees, to add members to the application role.
  6. Assign employees in Add assignments.

    - OR -

    Remove employees from Remove assignments.

  7. Save the changes.
Related Topics

Standard Reasons

Standard Reasons

In the Web Portal, you can enter reasons, which provide explanations for individual approval decisions of the . You can freely formulate this text. You also have the option to predefine reasons. The selects the most suitable text from these standards reasons in the Web Portal and stores it with the .

To edit standard reasons

  1. Select a standard reason in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  2. Edit the master data for a standard reason.
  3. Save the changes.

Enter the following properties for the standard reason.

Table 10: General Master Data for a Standard Reason
Property Description
Standard reason Reason text as displayed in the Web Portal.
Description Spare text box for additional explanation.
Automatic Approval Specifies whether the reason text is entered automatically by One Identity Manager into the .

Do not set this option if the you want to select the standard reason in the Web Portal.

Additional text required Specifies whether an additional reason should be entered in freely formatted text for the .

Predefined Standard Reasons

One Identity Manager supplies predefined standard reasons. These standard reasons are added to the policy violations by One Identity Manager, if approval is automatic.

To display predefined standard reasons

  • Select the category Company Policies | Basic configuration data | Standard reasons | Predefined.

Defining Company Policies

Company policies include more properties in One Identity Manager apart from just technical descriptions, for example, risk assessment of a policy violation and accountability. Classification of company policies by compliance framework and structuring in policy groups is also possible.

Related Documents