Sun Identity Manager 8.1 Business Administrator's Guide

Periodic Compliance

Periodic compliance means that Identity Manager evaluates policy on-demand. Any noncompliant conditions are captured as compliance violations.

When executing periodic compliance scans, you can select which policies to use in the scan. The scan process blends directly-assigned policies (user-assigned and organization-assigned policies) and an arbitrary set of selected policies.

Identity Manager users with Auditor Administrator capabilities can create audit policies and monitor compliance with those policies through periodic execution of policy scans and reviews of policy violations. Violations can be managed through remediation and mitigation procedures.

For more information about the Auditor Administrator capabilities, see Understanding and Managing Capabilities in Chapter 6, Administration.

Identity Manager auditing allows for regular scans of users. These scans execute audit policies to detect deviations from established account limits. When a violation is detected, remediation activities are initiated. The rules may be standard audit policy rules provided by Identity Manager, or customized, user-defined rules.