For more information about creating and editing mail template, see the One Identity Manager Operational Guide.
A mail template consists of general main data such as target format, importance, or mail notification confidentiality, and one or more mail definitions. Mail text is defined in several languages in the mail template. This ensures that the language of the recipient is taken into account when the email is generated.
To create and edit mail templates
-
In the Manager, select the Identity Audit > Basic configuration data > Mail templates category.
This shows all the mail templates that can be used for Identity Audit in the result list.
-
Select a mail template in the result list and run the Change main data task.
- OR -
Click 
in the result list.
This opens the mail template editor.
-
Edit the mail template.
- Save the changes.
To copy a mail template
-
In the Manager, select the Identity Audit > Basic configuration data > Mail templates category.
This shows all the mail templates that can be used for Identity Audit in the result list.
-
Select the mail template that you want to copy in the result list and run the Change main data task.
-
Select the Copy mail template task.
-
Enter the name of the new mail template in the Name of copy field.
- Click OK.
To display a mail template preview
-
In the Manager, select the Identity Audit > Basic configuration data > Mail templates category.
This shows all the mail templates that can be used for Identity Audit in the result list.
-
Select a mail template in the result list and run the Change main data task.
-
Select the Preview task.
-
Select the base object.
- Click OK.
To delete a mail template
-
In the Manager, select the Identity Audit > Basic configuration data > Mail templates category.
This shows all the mail templates that can be used for Identity Audit in the result list.
-
Select the template in the result list.
-
Click 
in the result list.
- Confirm the security prompt with Yes.
Related topics
Effective permissions of employees, roles, or user accounts are checked in the context of Identity Audit on the basis of regulatory requirements. Violation of regulatory requirements can harbor different risks for companies. To evaluate these risks, you can apply risk indexes to compliance rules. These risk indexes provide information about the risk involved for the company if a particular rule is violated. Once the risks have been identified and evaluated, mitigating controls can be implemented.
Mitigating controls are independent on One Identity Manager’s functionality. They are not monitored through One Identity Manager.
Mitigating controls describe controls that are implemented if a compliance rule was violated. The next rule check should not find any rule violations once the controls have been applied.
An example of a mitigating control is the assignment of system entitlements only through authorized requests in the IT Shop. If system entitlements are issued to the employee through the IT Shop, a rule check can be integrated into the request’s approval process. System entitlements that would lead to a rule violation are therefore assigned not at all or only after gaining exception approval. The risk that rules are violated is thus reduced.
To edit mitigating controls
- In the Designer, set the QER | CalculateRiskIndex configuration parameter and compile the database.
If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.
For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide.
To create or edit mitigating controls
-
In the Manager, select the Risk index functions > Mitigating controls category.
-
Select a mitigating control in the result list and run the Change main data task.
- OR -
Click in the result list.
-
Edit the mitigating control main data.
- Save the changes.
Enter the following main data of mitigating controls.
Table 32: General main data of a mitigating control
|
Measure |
Unique identifier for the mitigating control. |
|
Significance reduction |
When the mitigating control is implemented, this value is used to reduce the risk of denied attestation cases. Enter a number between 0 and 1. |
|
Description |
Detailed description of the mitigating control. |
|
Functional area |
Functional area in which the mitigating control may be applied. |
|
Department |
Department in which the mitigating control may be applied. |
Use this task to specify for which compliance rules a mitigating control is valid. You can only assign original rules on the assignment form.
To assign compliance rules to mitigating controls
-
In the Manager, select the Risk index functions > Mitigating controls category.
-
Select the mitigating control in the result list.
-
Select the Assign rules task.
-
In the Add assignments pane, assign the compliance rules.
TIP: In the Remove assignments pane, you can remove assigned compliance rules.
To remove an assignment
- Save the changes.
Creating and editing mail templates
.