This chapter describes various aspects of policy management and how to use policies in Oracle Enterprise Repository.
This chapter contains the following sections:
Policies are applied to assets in order to communicate asset requirements that need to be considered during design and development, and to provide administrators with the means to enforce and monitor asset compliance with governance, architecture, and other organizational standards. For example, a policy might articulate corporate quality standards, identifying the platforms that an asset should run on, and identifying acceptable defect density rates.
A policy can be applied to multiple assets. Multiple policies can be applied to any asset. Each policy consists of at least one Assertion Statement:
Each assertion has a name and description, and includes a Technical Definition. The Technical Definition accommodates additional metadata that may be required to automatically validate the assertion using third party testing and validation tools. This metadata may be Web service-specific policy information, XML, or any other format that can be read by an external system.
For example, an assertion statement for Defect Density might state that defect density must be less than .1%
Sample policies are included in the Oracle Enterprise Repository Base datapack and are imported into your Oracle Enterprise Repository instance. For more information about Oracle Enterprise Repository Import/Export capabilities, see "Import Export Tool" in Oracle Fusion Middleware User Guide for Oracle Enterprise Repository.
To activate the policy management feature, perform the following steps:
This procedure is performed on the Oracle Enterprise Repository Admin screen.
Click System Settings in the left pane.
Enter policy in the System Settings Search text box, as shown in Figure 14-1.
The Policy Management group is displayed, as shown in Figure 14-2.
Ensure the Enable Asset Policies property is set to
Use the options to make the appropriate selection for the Collapse Policy Assertions property.
True sets the default Asset Detail display of assertions to collapsed.
False sets the default Asset Detail display of assertions to expanded.
Select Policy Applies To in the Asset Policy Relationship list.
When finished, click the Save button. Policy management features are now activated.
Note:The settings are VISIBLE and OFF, by default, on install. The user must set the property to the correct value as described in the documentation to turn ON the feature.
After configuring the Policy Management system settings, the sample policy types and policy examples can be obtained by installing the Policy-Management-Solution-Pack.zip from <ORACLE_HOME>/repositoryXXX/core/tools/solutions, and then using the Import/Export Tool to import them into your environment.
If you prefer to create your own policy instead of using the policy template in the Base Data, you can do so, which is explained in this section. A policy type template can be created using any existing asset type or compliance template type as the basis. A Policy Type is included in the Policy Management Solution Pack.
Click Edit/Manage Assets in the Oracle Enterprise Repository Assets screen to launch the Asset Editor.
Open the Actions menu in the Asset Editor.
Click Manage Types to launch the Type Manager.
Open the File menu and click New. The Create New Type dialog is displayed.
Select a template from the Type for Defaults list, as shown in Figure 14-4.
Enter a name in the Type Name box.
Select Policy Type from the Archetype list in the Editor tab in the Type Manager.
A policy assertion states that conditions must be true for an asset. For example, a policy assertion might state that the asset should have a "defect density rate of less that 1%". Each assertion is validate individually. If the asset satisfies all assertions (meaning that all assertions have a "pass" status in Oracle Enterprise Repository), then the asset is compliant with the applied policy. In order for the new Policy template to function properly, the Policy Assertions element must be added. This simple procedure is performed in the Type Manager.
The Policy Assertions element may be added to any tab in the Policy template. The following instructions will add the Policy Assertions element to the Overview tab.
Select Overview in the Tabs section of the Type Manager.
Any elements already assigned to the Overview tab is listed in the Elements section of the Type Manager, as shown in Figure 14-6.
Click Add. The Select an Element Type to Add dialog is displayed.
Select Policy Assertions from the Element Type list, as shown in Figure 14-7.
Click OK. The Edit Policy Assertions dialog is displayed, as shown in Figure 14-8.
Enter a name for the Policy Assertion in the Display Name text box. (The example below uses "Policy Assertions" as the name for the element.)
Click OK. The Policy Assertions element now appears in the Elements list.
Note:Any asset type which contains Assets associated with Policies, requires the Policy Assertion element.
A Policy is a very specific type of asset, with a unique relationship to other assets. Policies are created using a Policy Type.
This procedure is performed in the Asset Editor.
Open the File menu and click New. The Create a New Asset dialog is displayed.
Enter a name for the policy in the Name text box, as shown in Figure 14-9.
Enter a version number (optional).
Select the appropriate policy type from the Type pull-down.
Select the appropriate Initial State from that pull-down.
Click OK. The policy opens in the Asset Editor.
Click Add in the Policy Assertions section. The Edit dialog is displayed.
Fill in the Name, Description, and Technical Definition sections as appropriate.
Note:Name and Description are human-readable information; Technical Definition should be machine-readable (XML or similar) information that allows an assertion to be passed to other processes and tooling for validation.
Click OK. The new policy assertion is displayed in the Policy Assertions section.
Repeat the procedure to add additional assertions to the policy.
Policies can only be applied to assets of types to which the Applied Asset Policies element has been added. For example, if a Corporate Quality Policy is applicable to all services, then the Applied Asset Policies element must be added to the Service asset type to allow the policy to be applied.
The procedure for adding the Applied Asset Policies element is performed in the Type Manager and is nearly identical to the Adding the Policy Assertion Element to the Policy Type procedure.
Note:Prior to adding the Applied Asset Policies element to a type, you need to import the Harvester Solution Pack to enable the policies. For more information about importing Harvester Solution Pack, see Oracle Fusion Middleware Installation Guide for Oracle Enterprise Repository.
Open the selected asset type. In the right panel, select the Editor Tab.
In the Tabs section, select the tab to which the Applied Asset Policies element is added.
In the Elements section, click Add. The Select an Element Type to Add dialog is displayed.
Select the Applied Asset Policies option from the Element Type list.
Click OK. The Edit Applied Asset Policies dialog is displayed.
Enter an appropriate name in the Display Name text box.
Click OK. The Applied Asset Policies element appears bearing its assigned name in the list in the Elements section.
Change the right panel display to the Viewer Tab.
In the Hidden Elements section, select the Applied Asset Policies element. The Move Element dialog is displayed.
Select an appropriate Applied Asset Policies element from the Move Applied Asset Policies to list.
Save the Asset Type.
Note:User must be assigned the Apply Policy permission in the Policy Basic Access Setting.
The procedure for adding a policy to an asset is performed in the asset detail display.
Using Oracle Enterprise Repository's Search or other means, locate the asset to which the policy is to be added.
Click the Apply Policies button in the asset detail display, as shown in Figure 14-13.
Click List All Policies to display a list in the Available Asset Policies box, as shown in Figure 14-14.
Use the >> or All >> buttons to move selected policies to the Applied Asset Policies box.
In the example above the Sample Policy - Corporate Quality Standards policy has been applied.
A confirmation message is displayed, as shown in Figure 14-15.
Refresh the asset detail frame.
The presence of the icon in the Overview section of the asset detail, as shown in Figure 14-16, indicates that a policy has been applied. (A smaller version of the same icon indicates policy assignment for assets listed in search results.)
Note that Sample Policy - Corporate Quality Standards is identified as an applied policy in the Relationships section of the asset detail, as shown in Figure 14-17. Click the text link for any listed policy to display its details.
The Relationships section of the policy detail lists the assets to which Sample Policy - Corporate Quality Standards has been applied. Click the link for Sample Service - Account Detail (2.0) to return to the detail display for that asset.
Note:Multiple policies may be applied to any eligible asset.
Policy status is indicated by the specific icon that appears in the asset detail display and in search results. (Policy status is also indicated in the in the optional Navigator.)
Policy status is determined by the asset's compliance with assertion statements within applied policies. If multiple policies are applied, the asset achieves passed status only when in compliance with each applied policy.
Similarly, since a policy can consist of multiple assertion statements, an asset achieves passed status only when in compliance with all assertion statements within all applied policies.
Description of the illustration exckicon.gif
Indicates that one or more policies have been applied to the asset, and that pass/fail status is indeterminate.
Any combination of passed and indeterminate assertion statements results in indeterminate asset status.
Description of the illustration passed_icon.gif
Indicates that the asset is in compliance with every assertion statement within every applied policy.
Description of the illustration failed_icon.gif
Indicates that the asset is not in compliance with all assertion statements within all applied policies.
Failure to comply with any assertion statement within any applied policy results in Failed status.
Policy assertions can be validated manually through Oracle Enterprise Repository or automatically using testing and validation tools. This document will cover the manual validation of policy assertions. For automatic validation processes, refer to the documentation for your specific testing and validation tools.
Manual validation of policy assertions is performed in the Asset Editor.
Locate the asset to be updated.
Locate the Applied Asset Policies section within the asset.
The specific label and location of this section is determined by the configuration of the Policy element within the Type template.
Select the policy to be updated in Figure 14-18.
Click Details. The View Policy dialog is displayed, as shown in Figure 14-19.
The asset's compliance status with any policy listed in the View Policy section is indicated in the Result column. In the example above the status unknown indicates that the policy has been applied to the asset but compliance with that policy's assertion statement(s) has not been evaluated.
Select the assertion statement to be updated.
Click Edit. The Edit Assertion Result dialog is displayed, as shown in Figure 14-20.
Click the Evaluation Value list and select the appropriate status, as shown in Figure 14-21.
In this example the pass status is selected. Note that additional details can be provided in Evaluation Information.
Click OK. The updated status is displayed in the Result column in the View Policy dialog, as shown in Figure 14-22.
Note:To change an assertion value back to unknown, select the assertion and click Clear.
Continue to validate remaining assertions in the same manner.
When finished, click OK to close the View Policy dialog.
Save the changes to the asset.
An icon with a green tick mark appears in the asset detail, as shown in Figure 14-23.
It also appears next to the asset's name in search results, indicating policy compliance, as shown in Figure 14-24.
There are two different kinds of policy reports describes in this section:
This report provides a summary of the policy status (pass, fail, unknown) for an organization's entire asset portfolio. The report then allows you to view a list of assets for each status, for example, all of the assets that are failing. The detailed reports list all policies applied to each asset and the status of all policy assertions.
This report provides a summary of all policies in an organization's policy portfolio, and the number of assets that are passing, failing, or have an unknown status. This report also shows a detailed list of the assets that are governed by each policy, and the number of assertions that are passing, failing, or have an unknown status.
To run the Oracle Enterprise Repository reports:
In Oracle Enterprise Repository Reports page, click a report name. The BI Publisher opens the Reports tab is a new browser window, as shown in Figure 14-25.
Click the View button. The details of the selected report are displayed, as shown in Figure 14-26.
You can select different formats, as shown in Figure 14-27, from the second list that appears next to Template.
In the Asset Portfolio Management section, click the Asset Portfolio Policy Status option. The Asset Portfolio Policy Status page is displayed, as shown in Figure 14-28.
To view the detail for a set of assets, click the number next to the icon for the appropriate Policy Status. The Asset Portfolio Policy Status - Status detail report is displayed, as shown in Figure 14-29.
In the Asset Portfolio Management section, click the Policy Status option. The Policy Status Report page is displayed, as shown in Figure 14-30.