When CA IdentityMinder integrates with CA GovernanceMinder, CA IdentityMinder administrators can validate proposed changes against business policy rules in CA GovernanceMinder before committing changes. Validating changes before they are committed helps companies maintain the role model that they have defined for their operations.
Users can validate proposed changes involving users, roles, and accounts.
When Smart Provisioning is enabled for an environment, CA IdentityMinder validates proposed changes to users, roles, and accounts before an administrator submits a task or approves a work item. The proposed changes are validated against Business Policy Rules (BPRs), which are defined in CA GovernanceMinder and represent various constraints on privileges. For example, a BPR may prevent users who have a purchasing department role, which allows members to order stock from subcontractors, from also having the subcontractor payment role. BPRs are created by a system administrator, business manager, auditor, or role engineer in CA GovernanceMinder.
Note: For more information about BPRs, see the Client Tools Guide.
You can configure CA IdentityMinder to perform these validations automatically when users perform certain tasks, or allow users to initiate the validation manually.
|
Copyright © 2014 CA.
All rights reserved.
|
|