Review Access Incidents by Control, User, and Role
An access control may generate thousands of incidents. Rather than review them all at once, you can separate them into manageable sets that apply to individual users, or even sets that apply to roles assigned to each of those users.
In the Result by Control Summary page, click the User Count value in the record of an access control to open a Results by Control and User page. In it, each row identifies a user involved in incidents generated by the control you selected and the number of pending incidents applying to that user.
In that page, you can click a user's number of pending-incident paths to open a Results by Control, User, and Role page. Each of its rows identifies a role assigned to the selected user and involved in the incidents generated by the selected control. Each row also displays the number of pending incidents applying to its role.
From there, you can click on a role's number of pending-incident paths to open a Results page filtered to display the incidents that apply to the user and role you've selected. Except for the filtering, this is the same as the page you'd open by clicking the Results Count value for a control in the Result by Control Summary page. You can use it in the same way to mass-edit incidents, open incident records for individual review or editing, create visualizations, or run contextual reports.
In the Control-User and Control-User-Role pages, you can:
-
Mass-edit all the incidents that apply to a user in the Control-User page. Or, mass-edit all the incidents that apply to a role assigned to a user in the Control-User-Role page. In either case, click the pencil icon in a record to edit the incidents associated with that record. Among other things, mass-editing enables you to resolve a set of incidents by updating their status. (See the Mass-Edit Incidents topic for more information.)
-
Search among the users or roles the page lists. As you begin to type in the Search field, a window presents the names of items that contain the letters you've typed. You can click on a name to select that item. Or, in the Control-User page, click Show Filters to create filters on these user attributes: Manager, Location, Department, Country, Job, Email, and Business Unit. (To view the attribute values assigned to a user record, expand its row.)
-
Sort records. In either page, Pending Incident Paths is the default; it sorts records in descending order of the number of incidents they contain. In the Control-User page you can sort by user, and in the Control-User-Role page you can sort by role, to list records in ascending alphabetic order of item names. Select the sort you want in a Sort By field.
-
Export the content of the page to a spreadsheet. Select Actions > Export. A message presents a job ID. Use it to identify the record of that job in the Monitor Jobs page. When the job status is Complete, download the file from the job record.
-
Refresh the page, to capture the latest records and counts based on the most recent run of a Record Count Update job. Select Actions > Refresh.
-
Display "user cards," which show additional information about the users to whom incidents apply. Hover over a user's picture until an ellipsis appears. Then click on the ellipsis.