1. Oracle Identity Analytics Overview
2. Using the Oracle Identity Analytics User Interface
Understanding the Identity Audit User Interface
Understanding Audit Policy Violations
Acting on Audit Policy Violations
To Assign an Audit Policy Violation to Another User
The Identity Audit module is designed to detect segregation of duties (SoD) violations. A segregation of duties violation is a violation whereby a user account, a user attribute, or a role has been assigned two entitlements that should not be held in combination.
While the identity certification module enables managers to certify or revoke access of users, the identity audit module has a detection mechanism that monitors users' actual access to resources and captures any violations on a continuous basis. The software can also be programmed to conform to audit policies and report exceptions. It provides a summary of all exceptions, which helps security analysts, executives, or auditors accept or mitigate the exceptions.
In Oracle Identity Analytics, audit rules define violations. Audit rules are collected together to create an audit policy. User accounts and business structures are then scanned for audit policy violations. User accounts, user attributes, and roles that violate an identity audit policy are flagged and tracked until the violation is resolved.
Use the Identity Audit module to create and track audit rules, audit policies, and audit policy violations throughout the audit lifecycle. The module maintains a history of audit scans.