27.2 Creating and Editing Certification Policies

NOTE:Reviews should be defined before creating a certification policy. For information about review definitions, see Section 23.0, Creating and Modifying Review Definitions.

After creating review definitions, create certification policies that OpenText Identity Governance can use to alert you of possible compliance violations. When a review has been completed, you can view the list of violations.

  1. Log in as a Customer, Global, Data, or Review Administrator.

  2. Under Policy, select Certification.

  3. Select + to create a certification policy.

  4. Specify the name of the certification policy, validity period, and single or multiple review definitions.

    NOTE:Policy names must be unique. When OpenText Identity Governance checks for uniqueness, case is not considered. Therefore, OpenText Identity Governance considers Hippa and HIPPA to be equivalent.

    HINT:Click the search icon to select single or multiple review definitions. You can also enter wildcard * to search for reviews, or just start typing the review name to view suggestions.

  5. (Optional) Set risk.

  6. (Optional) Specify policy administrator.

    NOTE:Policy administrator role will be functional in a future release of OpenText Identity Governance. Currently, Customer, Global, Data, or Review Administrator can function as a policy administrator.

  7. (Optional) If you want to prevent OpenText Identity Governance to calculate violations automatically, deselect Run will be triggered by event and Run when policy is saved.

  8. Save your settings.

  9. Under Policy, select Certification to view the newly created policy listed with number of violations.

  10. (Optional) Select Set Remediation to select remediation action. For more information about setting remediation, see Remediating Certification Policy Violations.

  11. (Optional) Select the policy, then select Edit to edit the policy.

  12. (Optional) Select a specific policy or multiple policies, then select Actions to delete policies, calculate policy violations, run remediation, or export policies.