Before you save data or changes for attestation policies, you can set the link type for selecting the object. Set this in the Attestation procedure when you add or edit a new attestation policy. The following link types are available.
Link Type |
Description |
Example |
---|---|---|
All conditions must be fulfilled: |
New attestation cases are added for all objects fulfilling all of the conditions the next time the attestation policy is executed. If one of the objects to attest does not fulfill a condition, this object is not attested. In addition, use of this link type generates a intersecting set of all the individual conditions of the selected objects. |
Example: For the attestation policy of type "Membership in organizations" there are the condition "Departments with matching names" and "Attestation by attestation status". If this link type is set, the sum of the results for both conditions is displayed in addition to the results for each condition separately. |
At least one condition must be fulfilled: |
New attestation cases are added for all objects fulfilling at least one of the conditions the next time the attestation policy is executed. Use of this link type generates a superset of all the individual conditions of the selected objects. |
Several conditions apply to the attestation policy mentioned above. During the attestation case, the superset of attestation objects is displayed as the sum of objects found because this link type requires at least condition to be met. |
To select object link types
In the Attestation Policy Settings menu you can also copy and edit attestation policies. If you enable the option Include deactivated policies, you can also edit these policies.
Copied attestation policies can be deleted again.
To copy an attestation policy
|
NOTE: The system contains default attestation policies. These policies can only be edited to a limited degree. Only Approval policies, Calculation schedule, Time required and the option Close obsolete tasks automatically could be edited until now. If you want to make changes to a default attestation policy, create a copy and edit the copy. |
|
NOTE: If the option Close obsolete tasks automatically is set, you cannot hide processed attestation cases which are beyond the deadline. |
For more information, see Adding Attestation Policies. You can also add new conditions, change or delete existing ones. You permissions determined which data you may edit. For more information, see Adding Conditions.
In the Attestation Policy Settings menu, you can delete attestation policies.
Copied attestation policies can be deleted again both in the Attestation Policy Settings view and the Edit attestation policy view.
To delete an attestation policy
- OR -
This displays the Edit attestation policy view.
The attestation policy is removed from the list.
When you edit attestation polices, you can also add new conditions to them. You can only add conditions to copies of attestation policies.
To add a condition to a policy
|
NOTE: The options available in Condition type depend on which attestation procedure is set for the attestation policy to be edited. |
The following options are available.
Condition Type |
Description |
---|---|
All roles / cost centers |
Lists all company structures. Multi-select is possible. Selected parameters are listed in the detailed content view and can be canceled again there. Or you cancel the selection in list again. |
Attestation by attestation status / Roles by assignment type |
Lists attestations by status or role assignment type as other parameter. Multi-select is possible. Selected parameters are listed in the detailed content view and can be canceled again there. Or you cancel the selection in list again. |
Specific roles / cost centers |
List certain roles for the company structure, You can toggle between tree view and list view using |
Business roles / Application roles / Cost centers with matching names |
Displays the Name text box. Enter a name for the company structure. |
New or not attested for x days |
Displays the Count text box. You can enter the count. |
Roles with specific owners / user accounts with specific people / Roles with any owner |
Lists certain employees for the company structure. Additional columns can be shown and the filter function applied. Multi-select is possible. Selected employees are listed in the detailed content view and can be canceled again there. Or you cancel the selection in list again. |
Roles with specific role classes |
Lists specific role classes. Multi-select is possible. Selected role classes are listed in the detailed content view and can be canceled again there. Or you cancel the selection in list again. |
Roles with defined risk index |
Display a scale of 0 to 1 for the risk index and two slide rulers. Specify a beginning and an end value within the scale. |
Roles with owners in departments |
Lists departments which have owners. Multi-select is possible. Selected role classes are listed in the detailed content view and can be canceled again there. Or you cancel the selection in list again. |
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy