Audit Policy Rules
ComplianceViolations support numeric severity and priority attributes that enable you to distinguish between violations by severity or priority. You can assign these attributes to the violation, based on Audit rule output.
For example, if the Audit rule provides the following output, the resulting ComplianceViolation will have a severity of 3 and a priority of 4.
<map> <s>result</s> <i>1</i> <s>severity</s> <i>3</i> <s>priority</s> <i>4</i> </map> |
The following rules map between a ComplianceViolation’s numeric value and its display string value:
-
ViolationSeverity: Indicates the seriousness of the violation.
-
ViolationPriority: Indicates the order in which a ComplianceViolation would be addressed.
Identity Auditor allows you to customize these rules by changing the display value for any severity or priority setting.
After creating a ComplianceViolation, you can view and change the severity and priority values in the Remediation WorkItem list viewer by selecting one or more Remediation WorkItems, and then clicking Prioritize.
Note –
To view severity and priority values in the Remediation WorkItem list viewer, you must change the approval/remediate.jsp page to set the includeCV option to true (default is false).
However, be aware that enabling a more-detailed view affects performance, which may be unacceptable for deployments with lots of Remediations.
- © 2010, Oracle Corporation and/or its affiliates