When user, resource, and roles data (if available) is imported into CA GovernanceMinder, it is converted into a configuration document. Then, CA GovernanceMinder can analyze the data and implied relationships (connections) in the downloaded data to determine roles. A role defines a relationship that exists between users, resources, or other roles. Certain roles can imply access to resources that are not immediately apparent. For example, a hierarchical relationship can mean that a user possessing a certain role can access resources that are not defined as belonging to them, or not even in their own physical area of operation. In addition, because of employment circumstances, some employees (users) may acquire too many resources, or some resources may be improperly allocated to them. The client tools analyze and propose roles identify both a specific role phenomenon or many role phenomena at the same time.
These role discovery tools are contained in the Discovery menu option on the menu bar.
Role discovery options include searching for and proposing basic roles, obvious roles, roles that are almost perfect matches of other roles, and identifying role hierarchy. These options contain sub-menus that enable fine-tuning the discovery algorithm to adapt it to the specific configuration that is being analyzed. The user should experiment with these tools and the thresholds that they contain to determine the best tools for the particular configuration. The results of running these options are only proposals for role definitions. These roles must be examined by the Role Engineer to determine their appropriateness and validity for the organization.
An Entity Report is generated from the Management menu when a configuration window is active. It shows basic data including direct resources, sub-roles and parent roles. A report of any single or several highlighted entities can be printed in report form. These printed reports can be sent to other company officials to obtain their comments on the discovered roles or as part of on-going organizational activities.
|
Copyright © 2014 CA.
All rights reserved.
|
|