Contents

List of Figures

List of Tables

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Oracle Identity Analytics Overview

• 1.1 Introducing the Role-Based Access Control Model
• 1.2 Understanding Oracle Identity Analytics Benefits
• 1.3 Understanding the Oracle Identity Analytics Model
  • 1.3.1 Identity Warehouse
  • 1.3.2 Identity Certification
  • 1.3.3 Role Engineering and Management
  • 1.3.4 Identity Auditing
• 1.4 Understanding Oracle Identity Analytics Components and Terminology
  • 1.4.1 Understanding Users
  • 1.4.2 Understanding Resources and Resource Types
  • 1.4.3 Understanding Business Structures
  • 1.4.4 Understanding the User Store
  • 1.4.5 Understanding Roles
  • 1.4.6 Understanding Policies
  • 1.4.7 Understanding Orphan Accounts

2 Using the Oracle Identity Analytics User Interface

• 2.1 Logging In to Oracle Identity Analytics
  • 2.1.1 To Log In to the User Interface
• 2.2 Using the Oracle Identity Analytics User Interface Menu

3 The Home Page

• 3.1 Home Page
  • 3.1.1 To Open the Home Page
  • 3.1.2 My Requests
  • 3.1.3 My Certifications
  • 3.1.4 Business Structure Users
  • 3.1.5 Certify/Revoke Statistics
  • 3.1.6 Identity Audit Policy Violations

4 My Settings

• 4.1 My Settings Tab
  • 4.1.1 My Profile
    • 4.1.1.1 To Change Your User Name and Email Address
    • 4.1.1.2 To Change Your Password
  • 4.1.2 My Proxy Assignments
    • 4.1.2.1 To Delegate Certification-Related Duties to Another User

5 My Requests

• 5.1 My Requests Tab
  • 5.1.1 To Approve Pending Requests
  • 5.1.2 To View Completed Requests

6 Identity Warehouse

• 6.1 What Is the Identity Warehouse?
• 6.2 Understanding the Identity Warehouse User Interface
  • 6.2.1 The Identity Warehouse > Business Structures Page
    • 6.2.1.1 Tabs on the Identity Warehouse - Business Structures Page
  • 6.2.2 The Identity Warehouse > Users Page
    • 6.2.2.1 Tabs on the Identity Warehouse - Users - User Detail Page
  • 6.2.3 The Identity Warehouse > Roles Page
    • 6.2.3.1 Tabs on the Identity Warehouse - Roles Page
  • 6.2.4 The Identity Warehouse > Policies Page
    • 6.2.4.1 Tabs on the Identity Warehouse - Policies Page
  • 6.2.5 The Identity Warehouse > Applications Page
    • 6.2.5.1 Tabs on the Identity Warehouse - Application - Application Detail Page
  • 6.2.6 The Identity Warehouse > Resources Page
    • 6.2.6.1 Tabs on the Identity Warehouse - Resources Page
• 6.3 Working With Users
  • 6.3.1 Searching for a User
    • 6.3.1.1 To Search for a User (Quick Search)
    • 6.3.1.2 To Search for a User (Advanced Search)
  • 6.3.2 To Create a User
  • 6.3.3 To Rename a User
  • 6.3.4 To Delete a User
  • 6.3.5 Viewing User Details
    • 6.3.5.1 To View User Accounts (Entitlements)
    • 6.3.5.2 To View a User's Account Type
  • 6.3.6 Setting User Status
    • 6.3.6.1 To Set User Status
  • 6.3.7 To Assign a Role to a User
  • 6.3.8 To Associate a User With a Business Structure
• 6.4 Working With Business Structures
  • 6.4.1 To Delete a Business Structure
  • 6.4.2 To Create a Business Structure Hierarchy
• 6.5 Working With Policies
  • 6.5.1 Understanding the Policy Approval Process
    • 6.5.1.1 Approving Policy Change Requests
  • 6.5.2 To Create a Policy
  • 6.5.3 To Delete or Rename Policies
  • 6.5.4 To Associate Policies With Resources
  • 6.5.5 To Add Policies To Roles
  • 6.5.6 To Associate Policy Owners With Policies
• 6.6 Working With Roles
  • 6.6.1 Understanding the Role Approval Process
    • 6.6.1.1 Approving Role Change Requests
  • 6.6.2 To Search for a Role
  • 6.6.3 Creating Roles
    • 6.6.3.1 To Create Roles Manually
    • 6.6.3.2 To Create Roles From Existing Roles
    • 6.6.3.3 To Create Roles Based On an Existing User
  • 6.6.4 To Rename, Modify, or Decommission (Delete) a Role
  • 6.6.5 To Assign a User to a Role
  • 6.6.6 To Associate Roles With Business Units
  • 6.6.7 To Associate Role Owners With Roles
  • 6.6.8 To Create a Role Hierarchy
• 6.7 Setting the Segregation of Duties at the Policy and Role Levels
  • 6.7.1 To Define Segregation of Duties at the Policy Level
  • 6.7.2 To Define Segregation of Duties at the Role Level (Optional)

7 Identity Certification

• 7.1 Identity Certification Overview
  • 7.1.1 What Is Identity Certification?
  • 7.1.2 What is Closed-Loop Remediation?
  • 7.1.3 Who Is Involved in Completing Identity Certifications?
• 7.2 Understanding the Identity Certification User Interface
  • 7.2.1 The Dashboard
  • 7.2.2 Remediation Tracking
  • 7.2.3 Certification Jobs
  • 7.2.4 My Certifications
• 7.3 Understanding the Certification Pages
  • 7.3.1 Certification Pages Overview
  • 7.3.2 User Entitlement Certification Help
    • 7.3.2.1 User Entitlement Certification - Summary Page
    • 7.3.2.2 User Entitlement Certification - Roles Detail Page
    • 7.3.2.3 User Entitlement Certification - Entitlements Detail Page
  • 7.3.3 Role Entitlement Certification Help
    • 7.3.3.1 Role Entitlement Certification - Summary Page
    • 7.3.3.2 Role Entitlement Certification - Policies Detail Page
    • 7.3.3.3 Role Entitlement Certification - Members Detail Page
  • 7.3.4 Resource Entitlement Certification Help
    • 7.3.4.1 Resource Entitlement Certification - Summary Page
    • 7.3.4.2 Resource Entitlement Certification - Accounts and Entitlements Detail Page
  • 7.3.5 Data Owner Certification Help
    • 7.3.5.1 Data Owner Certification - Summary Page
    • 7.3.5.2 Data Owner Certification - Entitlement Detail Page
  • 7.3.6 Certification Details Help
    • 7.3.6.1 Certification Overview
    • 7.3.6.2 Certification History
  • 7.3.7 Help for More-Info Pop-Up Pages
    • 7.3.7.1 Role Meta-Information Pop-Up Help
    • 7.3.7.2 Accounts Meta-Information Pop-Up Help
    • 7.3.7.3 Attribute Meta-Information Pop-Up Help
    • 7.3.7.4 Policy Meta-Information Pop-Up Help
• 7.4 Completing Certifications
  • 7.4.1 To Find and Open Your Certifications
  • 7.4.2 To Delegate a Certification to Another User
  • 7.4.3 To Complete a User Entitlement Certification
    • 7.4.3.1 Step One: Re-Assign Users Who do not Work for You
    • 7.4.3.2 Step Two: Review Roles and Entitlements and Revoke Those That No Longer Apply
    • 7.4.3.3 Step Three: Bulk Certify Low-Risk Users (Optional)
    • 7.4.3.4 Step Four: Complete the User Entitlement Certification
  • 7.4.4 To Complete a Role Entitlement Certification
    • 7.4.4.1 Step One: Decline the Roles That do not Belong to You
    • 7.4.4.2 Step Two: Review the Contents of Your Roles
    • 7.4.4.3 Step Three: Bulk Certify Low-Risk Roles (Optional)
    • 7.4.4.4 Step Four: Complete the Role Entitlement Certification
  • 7.4.5 To Complete a Resource Entitlement Certification
    • 7.4.5.1 Step One: Decline the Resources That do not Belong to You
    • 7.4.5.2 Step Two: Review Your Account and Attribute Assignments
    • 7.4.5.3 Step Three: Bulk Certify Resources With Low-Risk Assignments (Optional)
    • 7.4.5.4 Step Four: Complete the Resource Entitlement Certification
  • 7.4.6 To Complete a Data Owner Certification
    • 7.4.6.1 Step One: Decline the Data Sources That do not Belong to You
    • 7.4.6.2 Step Two: Review Your User Assignments
    • 7.4.6.3 Step Three: Bulk Certify Data Sources With Low-Risk Assignments (Optional)
    • 7.4.6.4 Step Four: Complete the Data Owner Certification
  • 7.4.7 To De-provision Accounts During The Certification Process
• 7.5 Viewing Certification Reports
  • 7.5.1 To View a Certification Report
  • 7.5.2 Certification Reports Available in Oracle Identity Analytics

8 Identity Audit

• 8.1 Identity Audit Overview
• 8.2 Understanding the Identity Audit User Interface
  • 8.2.1 The Dashboard
  • 8.2.2 Policies
  • 8.2.3 Rules
  • 8.2.4 Policy Violations
• 8.3 Understanding Audit Policy Violations
• 8.4 Acting on Audit Policy Violations
  • 8.4.1 To Assign an Audit Policy Violation to Another User
  • 8.4.2 To View and Take Action on Audit Policy Violations
  • 8.4.3 Audit Violation Details Help
  • 8.4.4 To View Audit Trails
  • 8.4.5 To Export A Violation

9 Reports

• 9.1 Overview
• 9.2 Understanding the Reports User Interface
  • 9.2.1 The Dashboard
  • 9.2.2 Sign Off Reports
  • 9.2.3 Ad Hoc Reports
  • 9.2.4 Schedule Reports
  • 9.2.5 Custom Reports
• 9.3 Working With Reports
  • 9.3.1 To Schedule Reports
  • 9.3.2 To Sign Off on Reports
• 9.4 Defining Business Structure Reports
  • 9.4.1 To Generate Business Structure Reports
• 9.5 Defining System Reports
  • 9.5.1 To Generate System Reports
• 9.6 Defining Identity Audit Reports
  • 9.6.1 To Generate Identity Audit Reports
• 9.7 Defining Custom Reports
  • 9.7.1 To Run Custom Reports