14.5.2 Creating IDA Policies

To create IDA policies:

  1. In Identity Self Service, click the Compliance tab.

  2. Click the Identity Audit box, and select Policies. The Policies page is displayed.

  3. From the Actions menu, select Create. Alternatively, click Create on the toolbar. The Create Policy page is displayed.

  4. Enter values in the fields of the Create Policy page, as described in Table 14-2.

    Table 14-2 Fields in the Create Policy Page

    | Field | Description |
    |---|---|
    | Name | The IDA policy name. |
    | Description | The description for the IDA policy. |
    | Status | The status of the IDA policy, which is Enabled by default. |
    | Owner | The display name of the policy owner. Click the search icon adjacent to this field to search and select a policy owner. |
    | Type | The policy type is Identity Audit by default. This value cannot be modified because only policies of type Identity Audit can be created from the Create Policies page. |
    | Severity | Select a severity level, such as High, Medium, or Low, which will be associated with the policy violations generated by this policy. |
    | Evaluate during Requests | Select this option to display the policy violation during a user's access request. The user can either cancel the request or submit the request with the violation. |
    | Workflow Name | The name of the workflow that is invoked during a user's access request if you select the Evaluate during Requests option. By default, the default/Identity/AuditRemediation workflow is selected. |
    | Remediator | Specify a remediator for violations generated by the policy. To do so, select any one of the following: • User: Select this option to specify a user as the remediator. Search and select the user by clicking the Search icon. • Manager: Select this option if you want the manager of the user for whom the violation is generated to be the remediator. • Role: Select this option if you want to specify the members of a certain role to be the remediator. Search and select the role by clicking the Search icon. |


  5. To add one or more rules to the policy:

    1. Click Add. The Add Rule dialog box is displayed.

    2. Search for the rule or rules that you want to add to the policy. To do so, select a rule attribute name from the search list, enter a search criterion in the search field, and click the Search icon. The rules that match the search criterion are listed in the Results table.

    3. Select one or more rules that you want to add to the policy, and click Add Selected. To select all rules, you can click Add All. The selected rules are added to the Selected Rules table.

    4. Click Select. The selected rules are added to the table in the Create Policy page.

    5. (Optional) To remove any rule from the table in the Create Policy page, select the rule, and click Remove.

  6. Click Create. The policy is created and listed in the Policies page. You can now run a preview of the policy.