11 Managing Pending Violations

As a remediator of policy violations that are assigned to you, you can access the pending violations and take action on them by using Oracle Identity Self Service. This chapter describes how to manage the pending violations assigned to you. It contains the following sections:

11.1 Viewing Policy Violations

You can navigate and view the policy violations assigned to you in any one of the following ways:

  • In Oracle Identity Self Service, click the Self Service tab. Click the icon in the Pending Violations box.

  • In Oracle Identity Self Service, click the down arrow at the top, and select Inbox. Under Views, click the Pending Violations view.

11.2 Searching Pending Violations

You can search for policy violations if you know the system-generated policy violation name.

To search for pending violations:

  1. Log in to Oracle Identity Self Service.

  2. Click the Self Service tab.

  3. Click the icon in the Pending Violations box. The Pending Violations page is displayed.

    Alternatively, you can open the Inbox and click the Pending Violations view, as described in "Viewing Policy Violations".

  4. In the Search field, enter a search criterion, such as the policy violation name.

  5. Click the Search icon. The pending violations that match the search criteria are displayed in a tabular format.

11.3 Completing Policy Violations

To request remediation for a policy violation assigned to you:

  1. Navigate to the Pending Violations page or Inbox, as described in "Viewing Policy Violations".

  2. Click the policy violation to open the Violation details page. This page consists of the following tabs:

    • Details: This tab has the following sections:

      • Violation Details: Displays the details of the policy violation, such as the policy attributes, status, detection count, and the details of the user for which the violation is generated.

      • Access Details: Displays the cause of the violation, the rules within the policy that have been violated, the status and attributes of the violation, and comments, if any. In addition, the Attributes column displays details of the cause of the violation.

        You can place your mouse pointer on the information icon in the Rules Violated column to display a popup with details of the violated rule, such as rule name, description, and rule condition.

    • Action History: This tab displays all actions taken by the remediator of the policy up to the current state.

  3. For each item in the Access Details section of the Details tab, you can perform the following actions:

    • Close as Fixed: This action indicates that the cause has been fixed manually, either because it has been taken care of outside the system or because the remediator has manually taken action to ensure that this access no longer exists for the user.

      To close the policy violation cause as fixed:

      1. Select Close as Fixed. Alternatively, click Close on the toolbar, and then select Close as Fixed. The Provide Comments dialog box is displayed.

      2. Enter a comment, and click Submit.

    • Close as Risk Accepted: This action indicates that the user requires the access for a particular time period, and the user can have the access until the specified date.

      To close the policy violation cause by accepting the violation risk:

      1. From the Actions menu, select Close as Risk Accepted. Alternatively, click Close on the toolbar, and then select Close as Risk Accepted. The Provide Comments dialog box is displayed.

      2. In the Expiration Date field, specify a date after which the violation will be re-opened if it still exists.

        The default value of the Expiration Date field is 30 days. It can be increased to more than 30 days by setting the value of the Maximum Risk Acceptance period for Policy Violation Causes field. For information about setting the value of this field, see "Setting Identity Audit Options".

      3. In the Comments field, enter a comment, and click Submit.

    • Request for Remediation: This action indicates that you want to revoke the access of the user, because the user does not require it, in order to mitigate the violation.

      Note:

      This action is not available for any user attribute that is causing violations, for example, user title.

      To request remediation of the policy violation cause:

      1. From the Actions menu, select Request for Remediation. Alternatively, click Remediate on the toolbar. The Provide Comments dialog box is displayed.

      2. Enter a comment, and click Submit.

  4. After you have taken actions on some or all of the access details, click Complete on the top-right corner of the screen.

    Based on the actions taken and the conditions of the rules, the policy violation will either be closed (if there are no more violations) or re-opened (if some of the actions were left open or the risk accepted date has passed and the user still has the access) during subsequent identity audit scans.
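The re-evaluation rule described in step 4, modeled as an added Python example; it is not Oracle code, and the class, function and action labels are hypothetical. It assumes that a cause whose access is gone no longer counts, and that a cause closed as fixed or left open counts again if the scan still finds the access.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional

# 30 days is the default stated on this page; the real ceiling comes from the
# "Maximum Risk Acceptance period for Policy Violation Causes" option.
DEFAULT_MAX_RISK_DAYS = 30


@dataclass
class Cause:
    name: str
    action: str = "OPEN"             # OPEN | FIXED | RISK_ACCEPTED | REMEDIATION (hypothetical labels)
    expires: Optional[date] = None   # only set for RISK_ACCEPTED
    access_present: bool = True      # what the next identity audit scan finds


def accept_risk(cause: Cause, today: date, expires: date,
                max_days: int = DEFAULT_MAX_RISK_DAYS) -> None:
    """Close as Risk Accepted: the expiration date must fall inside the allowed period."""
    if expires <= today:
        raise ValueError("expiration date must be in the future")
    if expires > today + timedelta(days=max_days):
        raise ValueError(f"risk acceptance exceeds {max_days} days")
    cause.action, cause.expires = "RISK_ACCEPTED", expires


def cause_outstanding(cause: Cause, scan_date: date) -> bool:
    """True if this cause still counts as a violation at scan time."""
    if not cause.access_present:
        return False                      # assumption: access gone, nothing to flag
    if cause.action == "RISK_ACCEPTED":
        return scan_date > cause.expires  # tolerated only until the expiration date
    return True                           # assumption: access still there and not risk-accepted


def rescan(causes: List[Cause], scan_date: date) -> str:
    """Closed if no cause is outstanding, re-opened otherwise."""
    return "REOPENED" if any(cause_outstanding(c, scan_date) for c in causes) else "CLOSED"


if __name__ == "__main__":
    today = date(2024, 1, 1)              # constructed sample data
    role = Cause("Payables Approver role")
    accept_risk(role, today, date(2024, 1, 20))
    print(rescan([role], date(2024, 1, 10)))   # before expiry
    print(rescan([role], date(2024, 2, 1)))    # after expiry, access still present
```
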

11.4 Reassigning or Delegating Policy Violations

When you reassign or delegate a policy violation task to one or more other users, the ownership of the task is transferred to the user (assignee), and the task is removed from your view.

To reassign or delegate policy violations to other users:

  1. Navigate to the Pending Violations page or Inbox, as described in "Viewing Policy Violations".

  2. Search for and select the policy violation that you want to reassign or delegate.

  3. From the Actions menu, select Reassign. The Reassign Task dialog box is displayed.

  4. Select any one of the following options:

    • Reassign (transfer task to another user or group): Select this option if you want to move the pending violation task to other users or roles that you specify.

    • Delegate (allow specified user to act on my behalf): Select this option if you want to allow the specified user to take action on the pending violation task on behalf of the logged-in user.

  5. Search for the users (assignees) by specifying a search criterion in the search field.

  6. Select the checkbox for each user that you want to select.

    You can click Select All to select all the users in the search result, or you can click Select None to reset your selection.

  7. Click OK. The pending violation task is reassigned or delegated to the selected users. The task is no longer displayed in the task view of the logged-in user.