|
|
|
Compliance is a corporate governance that includes a wide range of procedures that ensure a company and its employees comply with business policies. These compliance procedures often involve documenting, automating, and auditing the allocation of entitlements to applications and systems.
CA Identity Manager includes the following features, which support compliance management:
Smart Provisioning is a collection of functionality that simplifies provisioning role assignment when CA Identity Manager integrates with CA RCM. This functionality includes:
CA Identity Manager can provide administrators with a list of provisioning roles that may be appropriate to assign to a user. The list of provisioning roles is determined by CA RCM, based on criteria entered by the administrator.
Suggested provisioning roles help ensure that users have the correct privileges, while maintaining a company's role model.
Identity Manager administrators can validate proposed changes against a role model in CA RCM before committing changes. Validating changes before they are committed helps companies maintain the role model that they have defined for their operations.
Users can validate proposed changes to provisioning roles (assigning or removing them), and changes to user attributes.
CA Identity Manager performs two types of policy validations:
Proposed changes are validated against the CA RCM role model to see if they violate explicit, predefined business policy rules in CA RCM.
Proposed changes are compared to the CA RCM role model to see if they cause the subject of the change to become "out of pattern." CA Identity Manager also makes sure that the changes do not significantly alter an established pattern in the role model.
You can configure CA Identity Manager to perform these validations automatically when users perform certain tasks, or allow users to initiate the validation manually.
You can implement Smart Provisioning in an Identity Manager Environment once there is an established role model, based on Identity Manager data, in CA RCM.
Note: For more information, see the Administration Guide.
You can create a compliance policy, a type of identity policy, which prohibits users from having certain privileges if they have other privileges. For example, you can prohibit users who can approve checks from issuing checks.
Compliance policies enforce a segregation of duties in your environment.
CA Identity Manager includes sample reports that display the compliance status for users in your environment. Using these reports, you can see which users are not compliant with your business policies.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |