Identity Governance (IG): Create a SoD policy which has as a condition identity attribute data

Create other types of SoD policies or just access policies that consider the mix of permissions and identity attribute date. For instance, an user who is a contractor (identity data) should not have a specific permission or account on a system. If that is found, it would be considered as a violation. That allows the solution to govern not only SoD but other types of access policies.

by: Hugo H. | over a year ago | Configuration

Filter expressions like for business role membership are important - also on the permissions. We often get questions for permission "SoD Categories".

by: Klaus S. | over a year ago
Hi Hugo, one of our partners does this by using business roles. Within a business role you can add the expression based on identity attribute data. So you create a business role that includes all users who are contractors. Then the SoD is this Contractor Business Role and the permission or account on a system. Hope this helps.

by: Michiel P. | over a year ago
This is on our backlog and is under consideration for a future release.

by: Patrick Gookin | over a year ago
official response

Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.

4

Create a SoD policy which has as a condition identity attribute data

Comments