Chat now with support
Chat with Support

Identity Manager 8.0 - Web Portal User Guide

Getting Started Request Attestations Compliance Ownerships
My Responsibilities Delegation Ownerships Auditing Governance Administration
Related Applications Calls Settings... Discovering your Statistics on the Start Page

Rule Analysis

Users who have access to certain SAP functions, and who have violated compliance rules can pose a significant security threat. You should analyze these users to determine if action should be taken. Two menus help you with these tasks in the Web Portal.

Rule analysis shows compliance rules that contain SAP function and identify each employee that violates the rules. You can analyze the rule violation to determine the cause.

To obtain information about SAP user accounts involved in a rule violation

  1. Select Compliance | Governance Administration and click Rule Analysis.

    A list of compliance rules that include SAP functions appears.

  2. Click Select in the desired entry, to view user accounts and employees who have violated compliance rules.

    You can determine which rules have violations by using the Critical Function Analysis.

    For any employee who has violated the rule, you can analyze the violation by role or ability.

  3. Perform one of the following tasks.
    1. ClickBy role to expand details about roles and profiles for the rule violation.
    2. Click By ability to expand details of SAP functions and transactions.
    3. Click Back to return to the list of employees.

Function analysis

Critical Function Analysis shows you employees with critical SAP functions, which violate compliance rules. For each employee, you can determine what SAP function is involved in the violation, and the rules that caused the violation. You can use the significance rating to prioritize your actions. If a rule with a significance rating is violated by a SAP function with a significance rating it must be handled promptly.

To identify employees who violate compliance rules with critical SAP functions

  1. Select Compliance | Governance Administration and click Critical Function Analysis.

    A list of employees with critical SAP functions appears.

  2. Click Select to expand details of SAP functions and rule violations for the selected employee.

Ownerships

In the Responsibilities menu, you can run various actions and obtain information. The following tables provide you with an overview of the menu items and actions that can be executed here.

Table 47: Menu Items for the "Responsibilities" Menu

Menu

Menu item

 

Action

Description

Ownerships

My Responsibilities

People

View your staff and their details. Add new people.

 

 

System entitlements

View and edit your system entitlements and their details. Add members and view historical data.

 

 

Business roles

View and edit your system roles and their details. Create new business roles or restore deleted ones. Split up, compare or merges roles.

 

 

System roles

View and edit your business roles and their details. Create new system roles.

 

 

Departments

View and edit your departments and their details. Restore deleted departments or split, compare and merge departments.

 

 

Cost centers

View and edit your cost centers and their details. Restore deleted cost centers or split, compare and merge cost centers.

 

 

Locations

View and edit your locations and their details. Restore deleted locations or split, compare and merge locations.

 

 

Resources

View and edit your resources and their details. Add new resources.

 

 

Assignment resources

View and edit your assignment resources and their details. Add entitlements and view historical data.

 

 

Multi-requestable/unsubscribable resources

View and edit Multi-requestable/unsubscribable resources and their details. Request memberships for employees and add permissions. View historical data.

 

 

Devices

View and edit your devices. Add new devices.

 

Delegation

Delegation

View responsibilities that you can delegate.

 

 

Delegation history

View your delegations to other members of staff and responsibilities delegate to yourself.

 

Responsibilities

 

Claim Ownership

Claim responsibility for a group that does not has no one in charge.

 

 

Assign Ownership

Assigns an owner to a business object.

 

Auditing

Employees

View all employee details.

 

 

Active Directory

View one or all entitlements of the employee who is responsible for an Active Directory group.

 

 

Azure Active Directory

View one or all entitlements of the employee who is responsible for an Azure Active Directory group.

 

 

LDAP

View one or all entitlements of the employee who is responsible for an LDAP group.

 

 

SAP R/3

View one or all entitlements of the employee who is responsible for an SAP R/3 group.

 

 

Universal Cloud Interface

View one or all entitlements of the employee who is responsible for an Universal Cloud Interface group.

 

 

UNIX

View one or all entitlements of the employee who is responsible for an Unix group.

 

 

Business roles

View one or all business roles of the employee who is responsible for them.

 

 

System roles

View one or all system roles of the employee who is responsible for them.

 

 

One Identity Manager Application Roles

View one or all application roles of the employee who is responsible for them.

 

 

Departments

View one or all departments of the employee who is responsible for them.

 

 

Cost centers

View one or all cost centers of the employee who is responsible for them.

 

 

Locations

View one or all locations of the employee who is responsible for them.

 

 

Resources

View one or all business roles of the employee who is responsible for them.

 

 

Assign resources

View one or all assignment resources of the employee who is responsible for them.

 

 

Multi-request resources

View one or all mulit-request resources of the employee who is responsible for them.

 

 

Multi-requestable/unsubscribable resources

View one or all Multi-requestable/unsubscribable resources of the employee who is responsible for them.

 

 

Applications

View one or all applications of the employee who is responsible for them.

 

Governance Administration

Business roles

View and edit business roles and their details. Restore deleted roles. Split up, compare or merge roles.

 

 

System entitlements

View and edit system entitlements and their details. Add members, assign devices and view historical data.

Detailed information about this topic

My Responsibilities

The My Responsibilities view is a submenu of the Responsibilities menu. Here you can view the tasks and entitlements under your supervision within your company. You can manage the following responsibilities: These actions can be called up over tiles.

Table 48: Overview of Responsibilities
Employees
Devices
Herarchical roles Organizations Department
Cost center
Location
Business role
Company resources System role
System entitlement
Resources
Assignment resources
Multi-requestable/unsubscribable resources
Detailed information about this topic
Related Documents