Compliance is a corporate governance that includes a wide range of procedures that ensure a company and its employees comply with business policies. These compliance procedures often involve documenting, automating, and auditing the allocation of entitlements to applications and systems.
CA IdentityMinder includes the following features, which support compliance management:
Smart Provisioning is a collection of functionality that simplifies provisioning role assignment when CA IdentityMinder integrates with CA GovernanceMinder. This functionality includes:
CA IdentityMinder can provide administrators with a list of provisioning roles that may be appropriate to assign to a user. The list of provisioning roles is determined by CA GovernanceMinder, based on criteria entered by the administrator.
Suggested provisioning roles help ensure that users have the correct privileges, while maintaining a company's role model.
CA IdentityMinder administrators can validate proposed changes against a role model in CA GovernanceMinder before committing changes. Validating changes before they are committed helps companies maintain the role model that they have defined for their operations.
Users can validate proposed changes to provisioning roles (assigning or removing them), and changes to user attributes.
CA IdentityMinder performs two types of policy validations:
Proposed changes are validated against the CA GovernanceMinder role model to see if they violate explicit, predefined business policy rules in CA GovernanceMinder.
Proposed changes are compared to the CA GovernanceMinder role model to see if they cause the subject of the change to become "out of pattern." CA IdentityMinder also makes sure that the changes do not significantly alter an established pattern in the role model.
You can configure CA IdentityMinder to perform these validations automatically when users perform certain tasks, or allow users to initiate the validation manually.
You can implement Smart Provisioning in a CA IdentityMinder Environment once there is an established role model, based on CA IdentityMinder data, in CA GovernanceMinder.
Note: For more information, see the Administration Guide.
You can create a compliance policy, a type of identity policy, which prohibits users from having certain privileges if they have other privileges. For example, you can prohibit users who can approve checks from issuing checks.
Compliance policies enforce a segregation of duties in your environment.
CA IdentityMinder includes sample reports that display the compliance status for users in your environment. Using these reports, you can see which users are not compliant with your business policies.
|
Copyright © 2013 CA.
All rights reserved.
|
|