Continuous compliance means that an audit policy is applied to all provisioning operations, such that an account cannot be modified in a way that does not comply with current policy.
You enable continuous compliance by assigning an audit policy to an organization, a user, or both. Any provisioning operations performed on a user will cause the user-assigned policies to be evaluated. Any resulting policy failure will interrupt the provisioning operation.
An organization-based policy set is defined hierarchically. There is only one organization policy set in effect for any user. The applied policy set is the one assigned to the lowest-level organization. For example:
Organization |
Directly Assigned Policy Set |
Effective Policy |
---|---|---|
Austin |
Policies A1, A2 |
Policies A1, A2 |
Marketing |
Policies A1, A2 |
|
Development |
Policies B, C2 |
Policies B, C2 |
Support |
Policies B, C2 |
|
Test |
Policies D, E5 |
Policies D, E5 |
Finance |
Policies A1, A2 |
|
Houston |
<none> |