Working With Audit Policies

An identity audit policy is a collection of audit rules that together enforce SoD business policies. Audit policies consist of metadata, such as the audit policy name, description, severity, creation date, and update data. Audit policies have designated policy owners and policy remediators.

An identity audit policy owner is responsible for the definition of the policy and approves any changes made to the policy. However, it is the remediator's responsibility to take action on an audit policy violation and fix it.

To Create Audit Policies

1. Log in to Oracle Identity Analytics.

2. Choose Identity Audit > Policies.

3. Click New Policy.

4. Enter the following details:

   • Name - Name of the policy.

   • Description - A short description of the policy.

   • Severity - Select from High, Medium, or Low. This information is displayed in the Identity Audit dashboard.

   • Status - Select from Active or Inactive.. 

   • Owner - Name of the owner of the policy. Use the Search option provided to search for the owner. For help using search, see the Searching For a User section in the Identity Warehouse chapter.

5. Complete the Remediator section of the form to choose the user who will act as the remediator for any policy violations.

   • Primary — The primary remediator, who takes precedence over the Default remediator.

   • Default — Name of a remediator. Use the search option provided to search for the remediator.

6. Click Next.

7. Click the Add Rules button.

   The Add Rules to Policy page opens.

8. Select the rules that you want to assign to the policy, or click the New Rule button in the top-left corner to create a new rule for the policy.

   Multiple rules can be assigned to the policy.

9. Click OK to close the Add Rules to Policy page.

10. Click Finish.

    The new policy is created and appears on the Policy page.

To Edit / Change the State of an Audit Policy

1. Log in to Oracle Identity Analytics.

2. Choose Identity Audit > Policies.

   All the policies that have been created are displayed.

3. Click the policy that you want to edit or to make active/inactive.

   The Edit Policy page opens.

4. Edit the fields, as required.

5. Change the state to Active, Inactive, or Decommissioned, as required.

   A decommissioned policy is inactive permanently. This policy cannot be activated again. However, all information about the policy is retained in Oracle Identity Analytics.

6. Click Save.

To Preview Audit Policy Scan Results

Previewing a policy displays the policy scan results without saving them.

1. Log in to Oracle Identity Analytics.

2. Choose Identity Audit > Policies.

   A list of policies is displayed.

3. Find the policy that you want to preview and click Preview.

4. When the User Selection Strategy page opens, select one of the following:

   • All Business Structures - Shows results only on all the business structures in Oracle Identity Analytics.

   • Selected Business Structures - Shows results on the business structures you select.

   • All Users - Shows results on all users in Oracle Identity Analytics.

   • Users Criteria - Shows results on the condition, which applies to users, you create. Click Preview to get an idea of the set of users selected.

   • Selected Users - Shows results on the users you select individually.

5. When a Summary page is displayed, click Preview.

   The View Results page opens showing the status.

6. Click the Policy to view the Scan Job> Policy Violation Preview.

7. Do one of the following:

   • To save the results, click Apply.

   • To delete the results, click Don't Apply.

After an audit policy scan runs, the results are saved to the system. To view the results of the policy scan, click View Results.

Note - The identity audit preview scan results are available only for a day after the scan is complete. Therefore, it is recommended to apply the result or discard them as soon as the scan is complete.

To Run An Audit Policy

1. Log in to Oracle Identity Analytics.

2. Choose Identity Audit > Policies.

   A list of policies is displayed.

3. Find the audit policy scan that you want to run and click Preview.

   You can select multiple policies as well.

   The User Selection Strategy page opens.

4. Select from the following options:

   • All Business Structures - Shows results based on the business structures in Oracle Identity Analytics.

   • Selected Business Structures - Shows results based only on the business structures you select.

   • All Users - Shows results based on all users in Oracle Identity Analytics.

   • Users Criteria - Shows results based on a condition that applies to users you create. Click Preview to get an idea of the set of users selected.

   • Selected Users - Shows results based only on the users you select.

5. Click Next.

   The Summary Page opens.

   • To run a policy immediately, click Run Now.

     A Policies Are Saved for Scan message appears after Oracle Identity Analytics has finished scanning the policy against the chosen criteria.

     1. To view the policy scan results, click View Results.

        The Status column displays the number of violations.

     2. Click Close.

   • To run a policy at a later time or date, click Run Later.

     The Schedule Job page opens.

     1. Enter a task name and description, and select the time and day for the task to start.

     2. Click Next.

        The Summary page opens.

     3. Click Schedule.

        The scan job is scheduled for the desired day and time.