Chat now with support
Chat with Support

Identity Manager 8.0 - Risk Assessment Administration Guide

Defining Mitigating Controls

Defining Mitigating Controls

Mitigating controls can be defined in the One Identity Manager functions.

Table 9: Object Types with Mitigating Controls
Function Object Type Use Case Available in Module
Compliance Compliance rules Reduces the risk connection with violating rules. Compliance Rules Module
Rule violations Reduces the risk connected with the exception approval of a concrete rule violation.
SAP functions Reduces the risk of SAP user accounts matching SAP functions. SAP R/3 Compliance Add-on Module
Attestations Attestation policies Reduces the risk connected with denied attestation cases. Attestation Module
Attestation Cases Reduces the risk connected with the denial of a concrete attestation case.
Company policies Company policies Reduces the risk connection with violating policies. Company Policies Module
Policy violations Reduces the risk connected with the exception approval of a concrete policy violation.

To edit mitigating controls

  • Set the configuration parameter "QER\CalculateRiskIndex" in the Designer and compile the database.

Use the Manager to assign mitigating controls to compliance rules, SAP functions or company policies. For more information, see Additional Tasks for Mitigating Controls.

You can assign mitigating controls directly to a specific rule violation when editing exception approval for rule violations in the Web Portal. You can assign mitigating controls direct to a specific attestation case during attestation in the Web Portal. You can assign mitigating controls directly to a specific rule violation when editing exception approval for policy violations in the Web Portal. For more information, see the One Identity Manager Web Portal User Guide.

General Master Data for a Mitigating Control

General Master Data for a Mitigating Control

To edit mitigating controls

  1. Select the category Risk index functions | Mitigating controls.
  2. Select a mitigating control in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  3. Edit the mitigating control master data.
  4. Save the changes.

Enter the following master data for mitigating controls.

Table 10: General Master Data for a Mitigating Control
Property Description
Measure Unique identifier for the mitigating control.
Significance reduction When the mitigating control is implemented, this value is used to reduce the risk of denied attestation cases. Enter a number between 0 and 1.
Description Detailed description of the mitigating control.
Functional area Functional area in which the mitigating control may be applied.
Department Department in which the mitigating control may be applied.

Additional Tasks for Mitigating Controls

After you have entered the master data, you can apply different tasks to it. The task view contains different forms with which you can run the following tasks.

The Mitigating Controls Overview

The Mitigating Controls Overview

You can see the most important information about a mitigating control on the overview form.

To obtain an overview of a mitigating control

  1. Select the category Risk index functions | Mitigating controls.
  2. Select the mitigating control in the result list.
  3. Select the task Mitigating control overview.
Related Documents