You can configure identity policies to define conditions that must or must not exist, and to take certain actions based on the evaluation of those conditions. For example, you can define a compliance policy that states that managers must have a spending limit of $5,000. If a manager has a spending limit of $10,000, CA Identity Manager can reset the manager’s spending limit, and record a compliance violation for auditing purposes.
To create a compliance policy set for enforcing spending limits, create an identity policy with the following settings:
|
Setting |
Value |
|---|---|
|
Apply Once |
Not enabled |
|
Compliance |
Enabled |
|
Policy Condition |
Any conditions that define compliance or a compliance violation--for example: title=<some_title> AND Spending Limit > <some spending limit> |
|
Action on Apply Policy |
The actions that CA Identity Manager should take when the policy condition applies--for example:
|
The following figure shows the sample compliance policy described in this example.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|