Chat now with support
Chat with Support

Identity Manager 8.0 - Web Portal User Guide

Getting Started Request Attestations Compliance Ownerships
My Responsibilities Delegation Ownerships Auditing Governance Administration
Related Applications Calls Settings... Discovering your Statistics on the Start Page

High Risk Overview

This overview lists high risk objects and divides them up into different groups that can be expanded and collapsed. Each of the groups displays resources with the highest risk factor, which you manage. Risk indexes are calculated on for employees, user accounts, system roles, structures, organizations and business roles. Risk indexes are calculated for employees, user accounts, system roles, IT Shop structures, organizations and business roles, file system and SharePoint resources. Object have risk values, which provide the risk index when combined with risk index functions. You can view the following information in the statistic High Risk Overvew.

  • Breakdown for of the highest risk items for each type
  • For more information on risk function calculators, see Modifying Risk Calculators.

Compliance Frameworks

NOTE: This function is only available if at least one of the modules Governance Base Module, Attestation Module, Compliance Rules Module or Company Policies Module is installed.

Compliance frameworks group together various policies, rules, and attestations to correspond with regulatory requirements. Compliance frameworks are set up by an administrator, but can be viewed in the Web Portal.

This is required, for example, of you must comply to a certain framework. It is useful to know, which rules, policies and attestation policies are connected with the framework.

To view a compliance framework

  • Open the menu Compliance | Governance Administration and click Compliance Frameworks.

    A Hyper View of the framework appears, with a shape for the associated rules, policies and attestation policies.

Rule Violations

Certain roles require you to find violations within their own system. This information can help fill holes in security or compliance politic and help develop attestation policies or violation mitigation. Mitigation comprises of processes existing outside the One Identity Manager solution and which reduce the risk of violation. For more information, see Governance Administration.

You can generate reports that describe the rule violations exactly. These reports contain a risk assessment for you to use for prioritizing violations and on which to base subsequent planning. The reduced risk index takes many risk factors arising from violations into account and represent the risk as a value between 0 (no risk) and 1 (high risk).

NOTE: You can only see the menu items Policy Violations or Rule Violations if you have the Compliance & Security Officer's or Auditor's application role.

Depending on which application is assigned to you, the following options are visible to you in your rule violation view:

  • By framework
  • By department
  • By rule
  • By application role
  • All compliance rules

NOTE: If you only have one application role, you will not see any other options. The option corresponding to the application in this case is preset and must not be enabled by you.

To view rule violations

  1. Open the menu Compliance | Governance Administration and click Rule Violations.
  2. Set one of the options shown to present the view more clearly.
  3. Mark a rule.
  4. Get further information.
  5. Perform one of the following tasks.
    1. Click one of the links in the detailed content view to display more details.
    2. Click "Show details" to display details about the selected rule.
    3. Depending on your role assignments, you can generate a report using Report.

Policy Violations

Certain roles require you to find policy violations within their own system. This information can help fill holes in security or compliance politic and help develop attestation policies or violation mitigation. Mitigation comprises of processes existing outside the One Identity Manager solution and which reduce the risk of violation. For more information, see Governance Administration.

You can generate reports, which exactly describe the rule or policy violations. These reports contain a risk assessment for you to use for prioritizing violations and on which to base subsequent planning. The reduced risk index takes many risk factors arising from violations into account and represent the risk as a value between 0 (no risk) and 1 (high risk).

NOTE: You can only see the menu item Policy violations or Rule violations if you have the Compliance & Security Officer's or Auditor's application role.

Depending on which application roles have been assigned to you, the following options are visible to you in your rule violation view:

  • Framework administrator
  • Policy supervisors
  • Exception approvers
  • All Policies

NOTE: If you only have one application role, you will not see any other options. The option corresponding to the application in this case is preset and must not be enabled by you.

To view rule violations

  1. Open the menu Compliance | Governance Administration and click Policy Violations.
  2. Set one of the options shown to present the view more clearly.
  3. Mark a rule.
  4. Get further information.
  5. Perform one of the following tasks.
    1. Click one of the links in the detailed content view to display more details.
    2. Click "Show details" to display details about the selected rule.
    3. Depending on your role assignments, you can generate a report using Report.
Related Documents