Chat now with support
Chat with Support

Identity Manager 9.2 - Web Portal User Guide

General tips and getting started Managing reports Requests
Setting up and configuring request functions Requesting products Managing the Saved for Later list Pending requests Displaying request history Canceling requests Renewing products with limit validity periods Unsubscribing products Displaying requests Undoing approvals Managing request inquiries directed at you
Managing attestations Pending attestations Displaying attestation history Managing attestation inquiries directed at you
Compliance Managing risk index functions Responsibilities
My responsibilities
Managing my departments Managing my application roles Managing my devices Managing my business roles Managing my identities Managing my cost centers Managing my multi-request resources Managing my multi requestable/unsubscribable resources Managing my resources Managing my software applications Managing my locations Managing my system entitlements Managing my system roles Managing my assignment resources
Managing task delegations Ownerships
Managing data
Managing departments Managing user accounts Managing business roles Managing identities Managing cost centers Managing multi-request resources Managing multi requestable/unsubscribable resources Managing resources Managing locations Managing system entitlements Managing system roles Managing assignment resources
Opening other web applications Managing tickets Appendix: Attestation conditions and approval policies from attestation procedures


Companies have different requirements that they need for regulating internal and external identities' access to company resources. On the one hand, rule checks are used for locating rule violations and on the other hand, to prevent them. By using these rules, you can demonstrate compliance with legislated regulations such as the Sarbanes-Oxley Act (SOX). The following demands are made on compliance:

  • Compliance rules define what an identity is entitled to do or not do. For example, an identity may not have both entitlements A and B at the same time.

  • Company policies are very flexible, and can be defined for any company resources you are managing with Manager. For example, a policy might only allow identities from a certain department to own a certain entitlement.

  • Each item that an identity can access, can be given a risk value. A risk index can be calculated for identities, accounts, organization, roles, and for the groups of resources available for request. You can then use the risk indexes to help prioritize your compliance activities.

Some rules are preventative. For example, a request will not be processed if it violates the rules, unless exception approval is explicitly granted and an approver allows it. Compliance rules (if appropriate) and company policies are run on a regular schedule. and violations appear in the identity’s Web Portal to be dealt with there. Company policies can contribute to mitigation control by reducing risk. For example, if risks are posed by identities running processes outside the One Identity Manager solution and causing violations. Reports and dashboards provide you with comprehensive compliance information

Detailed information about this topic

Managing compliance rules

One Identity Manager can be used to define rules that maintain and monitor regulatory requirements and automatically deal with rule violations. Define compliance rules to test entitlements or combinations of entitlements in the context of identity audit for identities in the company. On the one hand, existing rule violations can be found by checking rules. On the other hand, possible rule violations can be preemptively identified and thus prevented.

For more information about compliance rules, see the One Identity Manager Compliance Rules Administration Guide.

Detailed information about this topic

Displaying compliance rules

You can display a overview of compliance rules.

To display all compliance rules

  1. In the menu bar, click Compliance > Compliance rules.

    This opens the Compliance rules page.

  2. (Optional) To further limit or extend which compliance rules are displayed, click (Filter) and in the context menu, under Status, select one of the following filters:

    • Activated: Select this filter to display only enabled compliance rules.

    • Deactivated: Select this filter to display only disabled compliance rules.

    TIP: To view all the compliance rules, clear the filter. To do this, click Clear filters on the context menu.

  3. (Optional) To display details of a compliance rule, click the corresponding compliance rule.

Detailed information about this topic

Displaying rule violations of compliance rules

You can display the rule violations of certain compliance rules. This information can help to determine gaps in your security or compliance policies and to develop attestation policies or mitigating controls.

TIP: For more information about displaying rule violations that you can approve, see Displaying approvable rule violations.

To display the rule violations of a compliance rule

  1. In the menu bar, click Compliance > Compliance rules.

  2. On the Compliance Rules page, click the compliance rule whose rule violations you want to display.

  3. In the View Compliance Rule Details pane, click the Rule violations tab.

  4. (Optional) To display details of a rule violation, click the appropriate rule violation.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating