Identity Audit. Compliance Rule. Set Exception Approval by User’s Manager

Product Version: One Identity Manager v9.2.1. Classic web portal.

Dear Team,

I am currently working on configuring an Identity Audit compliance rule and would like to request your guidance on a specific use case.

Objective:
I would like to designate the user’s manager as the Exception Approver whenever a rule violation is detected for that user.

Use Case:
Within our ITShop, products are organized by Service Categories, which correspond to various Job Categories. Additionally, each identity (record in the Person table) is associated with a specific Job Category.
We intend to utilize the Identity Audit module to notify both the user and their manager when a user requests a product from a Service Category that does not correspond to their assigned Job Category.

For example, if a user from the Purchasing department requests a product outside of the Purchasing Service category, an alert (e.g. message in the webportal) should be displayed for the user previous to request submission (when 'checking shopping cart'), and then a similar notification should be displayed to the user's manager when it comes to his/her approval.

Could you please advise on how this can be implemented within One Identity Manager? I would also appreciate any alternative approaches you might recommend to address this scenario effectively.

Thank you in advance for your support.

Parents Reply
  • Thank you very much, Markus. I tested your suggestion, and it works well. The requester is now notified by a warning banner during the Shopping Cart check. The banner states: 'The product "XXXX" does not belong to the same functional area as the identity "YYYY".'
    But would there be a way to display the same warning banner to approvers—such as the user's manager—when they are making the approval decision?

    Thanks.
     

Children