JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Identity Analytics User's Guide 11g Release 1
search filter icon
search icon

Document Information

Preface

1.  Oracle Identity Analytics Overview

2.  Using the Oracle Identity Analytics User Interface

3.  The Home Page

4.  My Settings

5.  My Requests

6.  Identity Warehouse

What Is the Identity Warehouse?

Understanding the Identity Warehouse User Interface

Business Structures

Users

Roles

Policies

Applications

Resources

Working With Users

To Create a User

To Rename a User

To Delete a User

Searching for a User

To Search for a User (Quick Search)

To Search for a User (Advanced Search)

Viewing User Details

To View User Accounts (Entitlements)

To View a User's Account Type

Working With Business Structures

To Delete a Business Structure

To Create a Business Structure Hierarchy

Associating Users With Roles and Business Structures

To Associate a User With a Role

To Associate a User With a Business Structure

Setting User Status

To Set User Status

Working With Policies

To Create a Policy

To Delete or Rename Policies

To Associate Policies With Resources

To Add Policies To Roles

To Associate Policy Owners With Policies

To Approve Policy Change Requests

To Manage Lifecycle of Policies

Working With Roles

To Search for a Role

Creating Roles

To Create Roles Manually

To Create Roles From Existing Roles

To Create Roles Based On an Existing User

To Rename, Modify, or Decommission (Delete) a Role

To Associate Roles With Business Units

To Associate Role Owners With Roles

To Create a Role Hierarchy

To Approve Role Change Requests

To Manage the Lifecycle of Roles

Setting the Segregation of Duties at the Role and Policy Levels

To Define Segregation of Duties at the Role Level

To Define Segregation of Duties at the Policy Level

7.  Identity Certification

8.  Identity Audit

9.  Reports

Setting the Segregation of Duties at the Role and Policy Levels

Define Segregation of Duties (SoD) to separate certain duties or areas of responsibility so that they cannot be assigned to the same person. By defining Segregation of Duties, you reduce opportunities for unauthorized modification or misuse of data or services. Segregation of Duties is a primary internal control intended to prevent (or decrease the risk of) errors or irregularities, identify problems, and ensure that corrective action is taken. This is done by assuring that no single individual has control over all phases of a transaction. Oracle Identity Analytics performs SoD at the role and policy levels.

To Define Segregation of Duties at the Role Level

  1. Log in to Oracle Identity Analytics.

  2. Choose Identity Warehouse > Roles.

  3. Click a role, then click the Exclusion Roles tab.

  4. Click Add Exclusion Roles.

  5. Add the roles that need to be excluded.

  6. Click Save or Send For Approval.

To Define Segregation of Duties at the Policy Level

As with roles, segregation of duties can be defined at the policy level.

  1. Log in to Oracle Identity Analytics.

  2. Choose Identity Warehouse > Policies.

  3. Click a policy to select it and go to the Exclusion Policies tab.

  4. Click Add Exclusion Policies.

  5. Add the policies to be excluded.

  6. Click Save or Send For Approval.

As with roles, when a policy is added to a role, the excluded policies cannot be assigned to a role.