Skip Navigation Links | |
Exit Print View | |
![]() |
Oracle Identity Analytics Business Administrator's Guide 11g Release 1 |
1. Oracle Identity Analytics Identity Warehouse
2. Oracle Identity Analytics Importing
3. Oracle Identity Analytics ETL Process
4. Oracle Identity Analytics Data Correlation
5. Oracle Identity Analytics Role Engineering and Management
6. Oracle Identity Analytics Workflows
7. Oracle Identity Analytics Identity Certifications
8. Oracle Identity Analytics Identity Audit
9. Oracle Identity Analytics Reports
10. Oracle Identity Analytics Scheduling
11. Oracle Identity Analytics Configuration
To Create, Rename, and Delete a Resource Type
Understanding Resource Type Attributes and Attribute Categories
To Create, Rename, and Delete an Attribute Category
Configuring Resource Type Attributes
To Create, Rename, Edit, and Delete an Attribute
Provisioning Servers Configuration
To Create a New Provisioning Server Connection
Identity Certification Configuration
To Configure Identity Certification
Completing the Certification Configuration Form "General" Section
To Complete the Certification Configuration Form "Status Options" Section
To Complete the Certification Configuration Form "Reminders" Section
To Complete the Certification Configuration Form "Revoke and Remediation" Section
To Configure E-Mails for Violation Reminder and Escalation
To Configure E-mails For Violation Lifecycle Event Notifications
To Configure Report Reminder E-mails
E-mail Templates Configuration (Configuring E-mail Notification)
To Create and Configure E-mail Notifications
To Create a New Event Listener
This section describes how to configure the Oracle Identity Analytics identity certification feature. In addition, the following identity certification configuration topic is covered in the Oracle Identity Analytics 11gR1 System Integrator's Guide:
Configuring Identity Certification Batch Sizes in the UI is covered in the Oracle Identity Analytics 11gR1 System Integrator's Guide in the "Customizing the Oracle Identity Analytics User Interface" chapter.
Log in to Oracle Identity Analytics.
Choose Administration > Configuration.
Click Identity Certification.
The Certification Configuration page opens.
Click a section to expand it.
Complete the form and click Save.
For help completing the form, see the following sections.
Before You Begin - See Identity Certification Configuration for help opening the Certification Configuration page.
Table 11-6 - "General" Panel
|
Table 11-7 - "User Entitlement Options" Panel
|
Before You Begin - See Identity Certification Configuration for help opening the Certification Configuration page.
In the User Access Tab, select the options that the manager will see when certifying users under him.
For example, 'Works for me,' 'Does not work for me,' 'Terminated,' and 'Reports To' in the Employee Verification section, and 'Certify,' 'Revoke,' 'Unknown,' and 'Exception Allowed' in the Certification Sign off section. Oracle Identity Analytics also includes the option of renaming these labels according to an organization's preference.
In the Data Owner Tab, select the options that the data owner will see when certifying the users' Access under him.
For example, 'Belongs To Me,' and 'Does Not Belong To Me' in the Data Owner Verification section, and 'Certify,' 'Revoke,' 'Unknown,' and 'Exception Allowed' in the Approve or Revoke Data Access section. Oracle Identity Analytics also includes the option to renaming these labels according to an organization's preference.
In the Resource Entitlement Tab, select the options that the manager will see when he is certifying the users' Access under him.
For example, 'Certify,' 'Revoke,' 'Unknown,' and 'Exception Allowed' in the Verify employee access section. Oracle Identity Analytics also includes the option of renaming these labels according to an organization's preference.
In the Role Entitlement Tab, select the options that the manager will see when he is certifying the roles of users under him.
For example 'Belongs To Me' and 'Does Not Belong To Me' in Role Entitlement section, and 'Certify,' 'Revoke,' 'Unknown,' and 'Exception Allowed' in the Certify Policy and Entitlement Access section. Oracle Identity Analytics also includes the option of renaming these labels according to an organization's preference.
Click Save.
Before You Begin - See Identity Certification Configuration for help opening the Certification Configuration page.
In New Certification Notification tab, choose one or both of the following:
If an e-mail goes out every time a new certification is created, and, if so, the format of the e-mail.
If an e-mail goes out when the certifier is updated, and, if so, the format of the e-mail.
In the Upcoming Certification Notification tab, choose if a notification e-mail should be sent to the manager of any upcoming certifications. You also have an option to choose the reminder interval and the format of the e-mail.
In the Pending Certification Notification tab, choose when to start sending pending certification notification e-mails to the manager, and when to escalate the notification e-mails to the manager's manager in case certification is not completed.
In the Certification Completion Notification tab, choose if an e-mail goes out every time a certification is completed, and, if so, the format of the e-mail.
In the Certification Expiry Notification tab, choose if a notification e-mail should be sent to the manager of certifications that have expired and certifications that are about to expire. Administrator also has an option to choose the notification interval and the format of the e-mail.
Click Save
Before You Begin - See Identity Certification Configuration for help opening the Certification Configuration page.
In the Access Revoke section, configure the certification to send appropriate e-mails along with manager's comments when user access is revoked by a manager.
E-mails can be sent when a manager selects 'Does Not Work For Me' or 'Revoke Access' from the roles and entitlements certification screen.
Use the Reporting Changes option when considering the action to be taken when employee verification options "Does Not Work for Me", "Terminated," and "Works for Some One Else" are selected.
When reporting changes is enabled, the details of employees verified by selecting the options mentioned is recorded separately. The Create New Certification Per Reporting Manager option creates a new certification for each user selected as the actual "certifier" by using the "Works for Some One Else" option.
Use the Remediation section when considering the display information during the remediation process. Select Display Remediation Instructions to allow the certifier access to remediation instructions by clicking the hyperlinked resource button during the certification process.
Select Perform Closed-Loop Remediation, to start the remediation process on one of the following dates:
Certification End Date - The remediation process takes place on the day the certification ends or expires.
Include Expired Certification - The remediation process takes place on the completed portion of the incomplete certification when it expires.
Certification Completion Date - The remediation process takes place on the day the certifier completes the certification.
Click Save.