Working with Identity Auditing in the Administrator Interface
This section describes how to access Identity Auditing features in the Administrator Interface. Email notification templates used in identity auditing are also discussed.
Using the Compliance Section of the Interface
To create and manage audit policies, use the Compliance section of the Identity Manager Administrator interface.
To Use the Compliance section to Create and Manage
Audit Policies
-
Log in to the Administrator interface (Logging in to the Identity Manager End-User Interface).
-
Click Compliance in the menu bar.
The following subtabs (or menu items) are available in the Compliance section:
-
Manage Policies
-
Manage Access Scans
-
Access Reviews
-
Manage Policies
The Manage Policies page lists the policies that you have permission to view and edit. You can also manage access scans from this area.
From the Manage Policies page, you can work with audit policies to accomplish these tasks:
-
Create an audit policy
-
Select a policy to view or edit
-
Delete a policy
Detailed information about these tasks follows in the section A Sample Audit Policy Scenario.
Manage Access Scans
Use the Manage Access Scans tab to create, modify, and delete access scans. Here you can define scans that you want to run or schedule for periodic access reviews. For more information about this feature, see Periodic Access Reviews and Attestation.
Access Reviews
The Access Reviews tab enables you to launch, terminate, delete, and monitor the progress of your access reviews. It displays a summary report of the scan results with information links that enable you to access more detailed information about the review status and pending activities.
For more information about this feature, see Managing Access Reviews.
Identity Auditing Tasks Interface Reference
To look up how to perform other identity auditing tasks in the Administrator interface, see Table B–8. This quick reference tells you where to go to start a variety of auditing tasks.
Email Templates
Identity Auditing uses email-based notification for a number of operations. For each of these notifications, an email template object is used. The email template allows the headers and body of email messages to be customized.
Table 13–1 Identity Auditing Email Templates|
Template Name |
Purpose |
|---|---|
|
Access Review Remediation Notice |
Sent to remediators by an access review when user entitlements are initially created in a remediating state. |
|
Bulk Attestation Notice |
Sent to attestors by an access review when they have pending attestations. |
|
Policy Violation Notice |
Sent to remediators by an audit policy scan when violations occur. |
|
Access Scan Begin Notice |
Sent to an access scan owner when an access review starts a scan. |
|
Access Scan End Notice |
Sent to an access scan owner when an access scan completes. |
- © 2010, Oracle Corporation and/or its affiliates