Modifying separation of duty policies

An administrator can modify a separation of duty policy. For example, you can add or remove policy owners. You can also add or remove separation rules, change role attributes for a specific rule, and enable or disable the policy.

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

About this task

You can use policy modification to disable or enable a policy. If you disable a policy, the policy does not generate any additional to-do items until you re-enable it.

You cannot change the business unit to which the policy applies.

Procedure

  1. From the navigation tree, select Manage Policies > Manage Separation of Duty Policies.
    The Manage Separation of Duty Policies page is displayed.
  2. On the Manage Separation of Duty Policies page, complete these steps:
    1. Type information about the policy in the Search information field.
    2. In the Search by field, specify whether to do the search against policy names or descriptions, business units, or role names, and then click Search.
      A list of policies that match the search criteria is displayed.
      If the table contains multiple pages, you can:
      • Click the arrow to go to the next page.
      • Type the number of the page that you want to view and click Go.
    3. In the Separation of Duty Policies table, select the check box next to the policy that you want to modify, and then click Change. Selecting the check box at the top of this column selects all policies.
      The Change Separation of Duty Policy page is displayed.
  3. On the Change a Separation of Duty Policy page, complete these steps:
    1. Provide any necessary updates to the policy name and description.
    2. In the Policy Rules table, create, delete, or modify any rules that apply to the policy.
    3. Click the twisty icon next to Policy Owners.
      The Role Policy Owners table and the User Policy Owners table are displayed.
    4. Optional: In the Role Policy Owners table, click Add to search for and select roles to have ownership of the policy.
    5. Optional: In the User Policy Owners table, click Add to search for and select users to have ownership of the policy.
    6. Select whether to enable or disable the policy.
    7. Click Submit to save the policy.

Results

A Success page is displayed, indicating that you submitted a request to change a separation of duty policy.

What to do next

You can continue working with separation of duty policies, view your request, or click Close.