How can we leverage SoD and governance policies in IdentityNow?
How can we leverage SoD and governance policies in IdentityNow?
Separation of Duties, or SoD, and governance policies may be leveraged to detect unwanted access conditions in Identity Security Cloud and IdentityNow. Additionally, SoD policies may also be leveraged to prevent violations during requests for access.
To leverage SoD and governance policies in a detective manner, reports of policy violations may be generated per policy on an ad-hoc basis. Violation reports may also be emailed on a regular basis by configuring a policy subscription.
Any active SoD policies are also leveraged in a preventative manner by displaying warnings to users who have submitted access requests (as well as the recipient of the request) that would cause a violation. In addition, access request reviewers are also notified of policy violations and can review the policy details, in order to make an informed decision regarding whether to approve or deny the request.
