Viewing Security Object Data in the Investigator › Security Definitions › Users

Users

The Users category lets security administrators and auditors view user information across one or more systems. CA ACF2 uses logon IDs and CA Top Secret uses accessor IDs (ACID) to identify users. After you select a row of data, more granular information appears in the Details pane at the bottom of the Investigator.

The following are examples of information that CA Chorus for Security and Compliance Management lets you query at your enterprise:

• Identify suspended user IDs. After you identify the ID, drill down to investigate the cause of the suspension.
• Compare user IDs to model permissions and attributes of an existing user to a new one.
• Determine if a user has more than one ID.

Example: Identify and Delete Suspended Users Who Have Left the Company

Your manager has asked you to search for suspended users to identify ones that were suspended instead of permanently removed from the system. In the future, you will perform this internal audit periodically to make certain that your offboarding process is effective. Your manager has given you a list of the users who have left the company in the last year.

1. Add the Investigator module to your dashboard and click New Investigation.
2. Select Security from the drop-down list.
3. Select Definitions, Users from the folder list.
4. Click View Charts (pie chart icon).
5. Select Suspended from the Chart By drop-down list, Select Count from the Aggregate drop-down list, and click Add.

   A pie chart appears that shows you have one suspended user.

   

6. Sort the Suspended column.

   The suspended user is identified.

7. Compare the data that you gathered with the data provided by your manager to ensure the suspended user left the company.
8. (Optional) Select the suspended user in the Investigator, and select the Delete User action in the Actions pane.

   The selected user is deleted.