Policy Violations Table

  • 7011167
  • 07-Jul-2010
  • 02-Nov-2012

Environment

NetIQ Access Governance Suite

Situation

Details of the columns in the Certification Decisions tab, Policy Violations table:

Violation Decision

Note: The decision buttons displayed are dependent on system settings configured during deployment of Access Governance Suite.

The action to take on the policy violations.

To edit or change a decision after a save has been performed, click the icon to the left of the decision buttons and select Edit or Undo Decision.

To add comments or view the history associated with a policy violation, click the icon to the left of the decision buttons. Type comments into the pop-up dialog and click Save or view the history information below the policy violation information.

When comments are added to a certification item, balloon icons are displayed in this column.

  • Allow - allow the violation for a specific period of time.
  • Revoke - revoke one or more of the conflicting roles or permissions or accounts.
  • Delegate - delegate the certification of the policy violations, for this identity, to someone else with certification authority.

Policy

The policy that is in violation.

Rule

The specific rule that is being broken to cause the violation of the policy. Click on a rule to display the following rule information:

  • Description - brief description of the rule from the rule definition page.
  • Policy - the policy in which the rule is contained.
  • Score Weight -the risk score weight assigned to this rule and used to calculate identity risk scores.
  • Compensating Control - any compensating controls associated with this rule.
  • Corrective Action - any recommended corrective action entered when the policy was defined.

Summary

The description of the policy violation from the rule definition page.

Due Date

This column is only displayed for continuous certifications. The current state of the item in the continuous certification life cycle (certified, certification required, or overdue). The date displayed is the date at which the item will move to the next state.