Requesting exception approval
If new policy violations are discovered during a policy check, exception approvers are notified and prompted to make an approval decision.
Prerequisites
-
Exception approvals for policy violations are permitted.
-
The company policy is assigned to an Exception approvers application role.
-
Employees are assigned to this application role.
To send demands for exception approval
Related topics
Notifications about policy violations without exception approval
Policy supervisors are notified if new policy violations are discovered during a policy check and these cannot be granted exception approval.
Prerequisites
-
Exception approvals for policy violations are not permitted.
-
An application role for Policy superviors is assigned to the company policy.
-
Employees are assigned to this application role.
To inform a policy supervisor about policy violations
Related topics
Displaying approval status of policy violations
Edit policy violations in the Web Portal. For more information, see the One Identity Manager Web Designer Web Portal User Guide.
In the Manager, you can get an overview of the approval status of each policy violation. To do this, open the overview form of the enabled company policy whose policy violations you want to look at. You will see new, granted, and denied policy violations here.
To display details of a policy violation
-
In the Manager, select the Company Policies > Policies category.
-
Select the company policy in the result list.
-
Select the Company policy overview task.
-
Select the form element for the policy violation and make the list entries visible. You have the following option:
-
Policy violations: new: Displays all policy violations pending approval.
-
Policy violations: exception approved: Displays all policy violations that have been granted approval.
-
Policy violations: exception denied: Displays all policy violations that have not been granted approval.
-
Click the policy violation you want to view.
This opens the policy violation main data form, which shows you an overview of the object that caused the violation, the approval status and the exception approver responsible.
Related topics
Mitigating controls for company policies
Violation of regulatory requirements can harbor different risks for companies. To evaluate these risks, you can apply risk indexes to company policies. These risk indexes provide information about the risk involved for the company if this particular policy is violated. Once the risks have been identified and evaluated, mitigating controls can be implemented.
Mitigating controls are independent on One Identity Manager’s functionality. They are not monitored through One Identity Manager.
Mitigating controls describe controls that are implemented if a company policy was violated. The next policy check should not find any rule violations once the controls have been applied.
To edit mitigating controls
- In the Designer, set the QER | CalculateRiskIndex configuration parameter and compile the database.
If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.
For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide.
Related topics