Query items for Separation of Duty Audit namespace

The following table lists the query items in the Separation of Duty Audit namespace.

Table 1. Query items in the Separation of Duty Audit namespace
Query subject Query items and their description
Separation of Duty Policy
Separation of Duty Policy Name
The name of the separation of duty policy.
Separation of Duty Policy Description
The description of the separation of duty policy.
Separation of Duty Policy Business Unit Name
The name of a business unit to which the separation of duty policy applies.
Separation of Duty Policy Enabled
Indicates whether or not the policy is enabled. The valid values are Enabled and Disabled.
Separation of Duty Policy Rule Name
The name of a rule that is associated with the separation of duty policy.
Separation of Duty Policy Rule Max Roles Allowed
The maximum number of the roles that can be a part of the separation of duty rule.
Separation of Duty Policy Id
A unique numeric identifier for the separation of duty policy.
Separation of Duty Policy Dn
An LDAP distinguished name for the separation of duty policy.
Separation of Duty Rule Id
A unique numeric identifier for the separation of duty rule that is associated with the separation of duty policy.
Separation of Duty Policy Role
Separation of Duty Policy Role Name
The name of the role that is a part of the separation of duty rule.
Separation of Duty Policy Role Description
The description of the separation of duty policy role.
Separation of Duty Policy Business Unit Name
The name of the business unit to which the separation of duty policy role applies.
Separation of Duty Policy Role Dn
An LDAP distinguished name for the role that is a part of the separation of duty policy.
Separation of Duty Policy Role Id
A unique numeric identifier for the role that is a part of separation of duty policy.
Separation of Duty Policy Rule Id
A unique numeric identifier for the separation of duty rule that is associated with the separation of duty policy.
Separation of Duty Policy Violation and Exemption Current Status
Audit Status
The status of the separation of duty policy violation or exemption. The possible values are:
  • Violation - indicates that the violation occurred.
  • Approved - indicates that an approver approved the exempted violation.
Audit Person Name
The name of a person to which the violation refers.
Audit Person Business Unit
The business unit to which a person involved in the violation belongs.
Audit Approver Name
The name of a person who exempted the violation.
Audit Approver Business Unit
The business unit of the user who exempted the violation.
Audit Approver Comment
The comment that is added by an approver during the violation exemption process.
Audit Policy Rule Name
The name of a rule that is associated with the separation of duty policy.
Audit Policy Rule Max Roles Allowed
The maximum number of the roles that can be a part of the separation of duty rule.
Audit Policy Rule Version
The separation of duty rule version.
Audit Time Stamp
The audit action occurrence time stamp.
Audit Exemption Time Stamp
The time stamp of the last violation occurred during separation of duty policy evaluation.
Audit Violation Id
A unique numeric identifier for the violation record.
Audit Policy Global Id
A unique identifier for the separation of duty policy.
Audit Rule Global Id
A unique identifier for the separation of duty policy rule.
Audit Person Global Id
A unique identifier for the person against whom the violation occurred.
Separation of Duty Policy Violation and Exemption History
Audit Status
The status of the separation of duty policy violation or exemption. The possible values are:
  • Violation - indicates that the violation occurred.
  • Approved - indicates that an approver approved the exempted violation.
Audit Person Name
The name of a person to which the violation refers.
Audit Person Business Unit
The business unit to which a person involved in the violation belongs.
Audit Approver Name
The name of a person who exempted the violation.
Audit Approver Business Unit
The business unit of the user who exempted the violation.
Audit Approver Comment
The comment that is added by an approver during the violation exemption process.
Audit Policy Rule Name
The name of a rule that is associated with the separation of duty policy.
Audit Policy Rule Max Roles Allowed
The maximum number of the roles that can be a part of the separation of duty rule.
Audit Policy Rule Version
The separation of duty rule version.
Audit Time Stamp
The audit action occurrence time stamp.
Audit Violation Id
A unique numeric identifier for the violation record.
Audit Policy Global Id
A unique identifier for the separation of duty policy.
Audit Rule Global Id
A unique identifier for the separation of duty policy rule.
Audit Person Global Id
A unique identifier for the person against whom the violation occurred.
Separation of Duty Policy Audit
Audit Separation of Duty Policy Name
The name of the separation of duty policy.
Audit Separation of Duty Policy Business Unit
The business unit of the separation of duty policy.
Audit Action
An action that is performed on the separation of duty policy. For example, Add, Modify, Delete, and Reconcile.
Audit Comments
The comments that are entered by the approver.
Audit Process Subject
The name of the separation of duty policy on which the audit action occurs.
Audit Process Subject Profile
The profile type of an entity that is associated with the audit action. This query item contains the value only if the Audit Process Subject contains a value.
Audit Process Subject Service
The service to which an entity represented by the Audit Process Subject query item belongs.
Audit Process Recertifier Name
The name of a user who approves the audit process workflow.
Audit Process Requestee Name
The entity upon which the audit action is performed.
Audit Initiator Name
The name of a user who initiates the audit action.
Audit Activity Owner
The name of a user who owns the audit activity.
Audit Activity Name
The name of the audit activity.
Audit Operation Start Time
The audit operation initiation date and time.
Audit Process Submission Time
The audit process submission date and time.
Audit Process Schedule Time
The date and time at which an event is scheduled for execution.
Audit Process Completion Time
The audit process completion date and time.
Audit Activity Result Summary
The result of an activity within the account audit process.
Audit Process Result Summary
The result of an account audit process.
Separation of Duty Policy Role Conflict
User Roles in Conflict
The name of the role on the person that is found in violation of the separation of duty policy rule.
User Roles in Conflict Role Dn
An LDAP distinguished name for a role on the person that is found in violation of the separation of duty policy rule.
User Roles in Conflict Business Unit Dn
An LDAP distinguished name for the business unit of a role on the person that is found in violation of the separation of duty policy rule.
User Roles in Conflict Owner Dn
An LDAP distinguished name for an owner of a role. The referred role is the role that participates in the separation of duty policy. This query item might be empty if no owners are assigned to the role.
Policy Roles in Conflict
The name of the role as referenced in the separation of duty policy rule that is involved in the violation.
Policy Roles in Conflict Role Dn
An LDAP distinguished name for the role as referenced in the separation of duty policy rule that is involved in the violation.
Policy Roles in Conflict Business Unit Dn
An LDAP distinguished name for the business unit of a role as referenced in the separation of duty policy rule that is involved in the violation.
Policy Roles in Conflict Owner Dn
An LDAP distinguished name for an owner of a role. The referred role is the role that associates with a user. This query item might be empty if no owners are assigned to the role.
Separation of Duty Policy Violation Id
A unique numeric identifier for the separation of duty violation record.