An administrator
or policy owner can approve separation
of duty policy violations for each rule in the policy.
Before you begin
Depending on how your system administrator customized your system, you might not
have access to this task. To obtain access to this task or to have someone complete it for you,
contact your system administrator.
About this task
When you approve a violation, an exemption is created
for the specified user and the combination of roles that caused the
violation. After you approve a policy violation, that violation is
removed from the violation list, and a new exemption is displayed
in the exemption list.
Having an exemption means that the user
is allowed to be a member of the violating roles. Updates to the user's
person record do not cause additional violations or warnings unless
the user introduces a new violation that is not covered by the exemption.
Updates
to the record of a person do not trigger an approval unless the roles
of the person are updated and the combination violates a separation
of duty policy, assuming that an exemption does not exist for the
policy.
Procedure
- From the navigation tree, select .
The Manage Separation of
Duty Policies page is displayed.
-
On the Manage Separation of Duty Policies page,
complete these steps:
- Type information
about the policy in the Search
information field.
- In the Search by field, specify
whether to do the search against policy names or descriptions, business
units, or role names, and then click Search.
A list of policies that match the search criteria
is displayed.
If the table contains multiple pages, you can:
- Click the arrow to go to the next page.
- Type the number of the page that you want to view and click Go.
- In the Separation
of Duty Policies table,
click the link provided in the Violations column
of the policy that you want to view.
The link is displayed
only if there are one or more violations for the separation of duty
policy.
The Violations and Exemptions
Summary page is displayed.
- On the Violations and Exemptions Summary page,
complete these steps:
- Select the order
in which you want to sort the rules,
and then click Sort.
You can sort
alphabetically by rule name, or sort by the number of violations or
exemptions.
- Click the icon (
) next to
each rule that
you want to view. The Violations table
is displayed, providing information about violations for the rule
that you specified.
- In the Violations table, select
the check box next to one or more violations that you want to approve,
and then click Approve. Selecting the check
box at the top of this column selects all violations.
The Approve
Violations page is displayed.
- On the Approve Violations page, complete
these steps:
- In the Violation
Summary, ensure
that the policies and rules are correct.
- In the Notes field, type a reason
for approving the violation, and then click Approve.
Results
A Success page is displayed, indicating
that you successfully approved the violations for the specified policy
and rule.
What to do next
You can approve additional violations
or revoke exemptions.
When
you are done viewing violations and exemptions, click Close.