Compliance framework details (page description)
To open the Compliance Frameworks page go to Compliance > Governance Administration > Compliance Frameworks > click list entry.
On the Compliance Frameworks page, you will see a overview of a specific compliance framework displayed as a HyperView (after you select it on the Compliance Frameworks page) and you can create a report listing the compliance framework's rule violation (see Displaying compliance frameworks).
The following table gives you an overview of the various features on the Compliance Frameworks page.
Table 255: Controls
|
Rule overview report |
Use this button to generate a report about the compliance framework's rule violations. |
High risk overview (page description)
To open the High Risk Overview page go to Compliance > Governance Administration > High Risk Overview.
On the High Risk Overview page, you can get overview of the objects with the highest risk factor (see Displaying high risk objects). This can help you prioritize when managing your business resources. Company resources have risk values, which provide the risk index when combined with risk index functions.
The following tables give you an overview of the various features and content on the High Risk Overview page.
Table 256: Controls
|
Show all high risk objects |
Select this check box if you want to show all the high risk objects (instead of just the top 10) (see Displaying high risk objects). |
Table 257: Columns
|
High Risk Objects |
|
Display name |
Shows you the object's display name. |
|
Object type |
Shows you the type of object. |
|
Risk index |
Show the object's risk index. |
|
High Risk Employees |
|
Full name |
Shows the identity's name. |
|
Primary department |
Shows you to which department the identity is primarily assigned. |
|
Risk index (calculated) |
Shows you the identity's calculated risk index. |
|
High Risk Business roles |
|
Business role |
Shows the business role's name. |
|
Role class |
Shows the business role's role class. |
|
Risk index (calculated) |
Shows you the business role's calculated risk index. |
|
High Risk System roles |
|
System role |
Shows the system role's internal name. |
|
Display name |
Shows the system role's display name. |
|
System role manager |
Shows you the name of the identity responsible for the system role. |
|
Risk index (calculated) |
Shows you the system role's calculated risk index. |
|
High Risk System entitlements |
|
Display |
Shows the system entitlement's display name. |
|
Group type |
Shows the system entitlement's group type. |
|
Risk index |
Shows the system entitlement's risk index. |
|
High Risk User accounts |
|
Login name |
Shows you the user name of the user account used to log in. |
|
Name |
Shows you the user account's display name. |
|
Employee |
Shows you the name of the identity to which the user account is primarily assigned. |
|
Container |
Shows you in which container the user account is located. |
|
Risk index (calculated) |
Shows you the calculated user account's risk index. |
TIP: You can show less data by using the column filters. For more information, see Filtering.
Rule violations (page description)
To open the Rule Violations page go to Compliance > Governance Administration > Rule Violations.
On the Rule Violations page, you get an overview of compliance rules and the corresponding rule violations and generate detailed reports on them (see Displaying compliance rules and rule violations). This information can help to determine gaps in your security or compliance policies and to develop attestation policies or mitigating controls. Mitigation comprises processes existing outside the One Identity Manager solution and that reduce the risk of violation.
The following tables give you an overview of the various features and content on the Rule Violations page.
Table 258: Controls
|
By framework |
Enable this option to display all compliance rules associated with compliance frameworks for which you are responsible. |
|
By department |
Enable this option to display all compliance rules violated by identities belonging to departments for which you are responsible. |
|
By rule |
Enable this option to display all compliance rules for which you are responsible. |
|
By approval role |
Enable this option to display all compliance rules for which you are allowed to grant exceptions. |
|
All compliance rules |
Enable this option to display all compliance rules. |
Table 259: Controls in the detail pane of a compliance rule
|
Show details |
This opens the <rule> page (see Rule details (page description)).
Use this button to display more details about the compliance rule as a HyperView (see Displaying compliance rules and rule violations). |
|
Report |
Use this button to generate a report listing the rule violations (see Displaying compliance rules and rule violations).
The report contains a risk assessment for you to use for prioritizing violations and on which to base subsequent planning. The risk assessment takes into account many risk factors that arise from violations and represents the risk as a value between 0 (no risk) and 1 (high risk). |
Table 260: Columns
|
Rule name |
Shows you the compliance rule's name. |
|
Risk index |
Shows the severity of the rule violation (meaning the calculated risk index). The higher this value is, the higher the risk that this rule violation poses. |
|
Risk index (reduced) |
Shows the risk index taking mitigating controls into account. A rule’s risk index can be reduced by a significance amount after mitigating controls have been applied.
Mitigating controls are processes that exist outside the One Identity Manager solution and that reduce the risk of violation. For more information, see Compliance – Governance Administration. |
|
Rule violations (new) |
Shows you how often the compliance rule has been violated recently. |
|
Rule violations (all) |
Shows you how often the compliance rule is violated. |
|
Rule group |
Shows you the rule group to which the compliance rule belongs based on its content. |
|
Compliance framework |
Shows you the compliance framework to which the compliance rule belongs. |
TIP: You can show less data by using the column filters. For more information, see Filtering.
TIP: You can see more information about each compliance rule in the details pane. To do this, click the corresponding entry in the list.
Rule details (page description)
To open the <rule name> details page go to Compliance > Governance Administration > Rule Violations > click an entry in the list.
On the <rule name> details page, you will see a overview of a specific company policy displayed as a HyperView (after you select Show Details on the Rule violations page) and you can create a report listing the rule violations.
The following table gives you an overview of the various features on the <rule name> details pane.
Table 261: Controls
|
Report |
Use this button to generate a report listing the rule violations.
The report contains a risk assessment for you to use for prioritizing violations and on which to base subsequent planning. The risk assessment takes into account many risk factors that arise from violations and represents the risk as a value between 0 (no risk) and 1 (high risk). |
