This section discusses changing identity, application, and permission information:
Identity information includes:
The attributes and relationships you collect through the identity collectors
Status in Identity Governance, such as role assignments and risk factors
Identity source information, such as the collector mappings, and curated and effective values for the identity attributes
To view or edit identity details:
Navigate to Catalog > Users and select a user. For example, Lisa Haagensen.
View basic information about that user, and select More to see more details.
Select available tabs to view items such as group membership, role assignments, and source for the user information.
(Optional) Select the Edit icon next to the user.
Modify the available attribute values, and then select Save.
Application information includes:
The application photo, name, and description
The identities of the application owner and administrators
The method for fulfilling changeset items
You can also specify the risk level for the application and whether reviews include the permission hierarchy of the application.
To manage the application information:
Navigate to Catalog > Applications.
Select the name of an application. For example, Safe Financials.
Select the Edit icon.
Modify the application settings, such as:
Specifies the importance of the application in terms of limited access and security.
For example, you might want to review access to applications with a high risk more often than applications with a mild risk.
Specifies users who can access the Catalog and can manage data.
Specifies a string that creates a new tag or shows existing tags from another application that match the string.
Specifies a user who is responsible for reviews where the review definition references the Application Owner.
Specifies whether you want to see the permission that was assigned in a permission hierarchy of relationships when this application is included in a review.
Specifies whether you want to hide account names.
You can use this setting in review definitions as criteria for permissions to be included in the review. For example, if the collected accounts names are obscure names, you might not want to use them.
Specifies whether you want to use an autocompleter of permissions published in the system.
Identity Governance allows you to specify a fulfillment target for each application. In the catalog, you can see the fulfillment settings for each application.
To review current fulfillment settings:
Log in to Identity Governance.
Under Catalog, click Applications, and select an application.
Under Fulfillment Information, view the fulfillment type and details.
For information about configuring fulfillment, see Section 14.2, Configuring Fulfillment.
Permission information includes:
The permission photo, name, and description
Identity of the permission owners
The risk level for the permission
You can also observe permission relationships if the permission contains other permissions, has holders, or is part of Separation of Duties (SoD) policies.
When you save changes, Identity Governance displays an icon next to a changed setting. Select the icon to reset the setting to the originally collected value.
To manage permission information:
Navigate to Catalog > Permissions.
Select a permission.
Select the Edit icon.
Modify the permissions settings, such as:
Specifies the importance of the permission in terms of limited access and security.
For example, you might want to review access to permissions with a high risk more often than permissions with a mild risk.
Specifies one or more users responsible for reviews where the review definition references the Permission Owner.
Specifies whether you want to exclude this permission from reviews.