Authorizations Insight for Infor rules

To add Authorizations Insight rules to a rule book:

  1. Select Design > Business Controls > Rule Books on the navigation bar, click corresponding to a rule book to display the details page.
  2. Click to add a rule. The Rule Details tab on the New Rule page is displayed.
  3. Specify this information:
    Rule Name
    The name of the rule.
    Control Number
    The identification number of the rule.
    Note:  This number can be alpha numeric or numeric.
    Control Type
    The type of control based on the rules you want to create. Possible values:
    • Security Controls: Authorizations Insight rules to monitor security models.
    • Transaction Monitoring Controls: Process Insight rules to monitor business transactions.
    Insight
    The name of the Insight for which the rule is created. Select Authorizations Insight for Infor.
    Application (Maximum 2)
    The application for which the rule is created.
    Note: Rules cannot be built on more than two applications.
    Rule Type
    The type of the rules. The Authorizations Insight for Infor has these types of rules:
    • Sensitive rule
    • Conflicts rule
      Note: To create a Conflict rule, you must select the Sensitive or Conflict rule type and click the Convert to Conflicts Rule option on the Conditions tab.
    • Limits rule
      Note: Limit rules are applicable only for rule analysis.
    Object
    The Infor GRC business objects for creating a condition. The objects displayed are based on the Rule type selected. Possible values of objects:
    • For Sensitive and Conflicts rule, the objects are:
      • Permission
      • Role
    • For Limit rule, the objects are:
      • Permission
      • Role
      • User
    Status
    The status of the rule.

    Possible values:

    • Draft
    • In Review
    • Final
    Note: The rules with Final status are considered for an analysis.
    Priority
    The priority assigned to the rule.
    Expiry Date
    The date up to which the rule is valid.
    Note: When selecting an expiry date, select a date in the future. The rule book expires on the specified date and is not available for analysis after this date.
  4. Specify additional information on the risks associated with the rule in the Risk Description tab.
  5. Specify the reason for the existence of the rule, in the Control Objectives tab.
  6. Specify the documentation for the rule, if any, in the Documentation tab.
  7. Add reference documents from IDM (Infor Document Management) or from a third party for additional information, on the Supporting Documentation tab. Select the details and click Add. The selected documents are displayed at the bottom of the New Rule page. Click the document to review the details.
  8. Specify this information in the Owners tab:
    Owners
    The user assigned the role of an Owner for the rule.

    The Owners can:

    • Modify the conditions in a rule.

      Rules have pre-defined conditions that are used for analyzing data.

      Note: When a condition is modified in the Condition Library, the associated Rule Books are also updated.
    • Add other owners to the rule conditions.
    Users
    The user assigned the role of a User for the rule.

    The Users can:

    • Review the existing rule conditions and consider the conditions when creating rules.
    • Implement an existing rule condition to create a new rule condition with a different name.
  9. Click the Compensation Control and Exclusions section for:
    • Assigning an existing compensating control to the rule, using the option. The assignment expiry date of the selected compensating control is also displayed. Click the expiry date link to select a different expiry date from the calendar or retain as Never Expires.
      Note: You can also create a new compensating control, using the option. See, Working with compensating controls.
    • Removing a compensating control already assigned to the rule, using the option.
    • Excluding objects from the rule. See, Excluding objects from a rule.
  10. Click the Conditions tab. The conditions for the rule are based on the type of the rule you create:
    • For the Sensitive or Conflict rule, you must select a condition from the Condition Library.
    • For the Limit rule:
      1. Select an object name. The object names displayed in this field are based on the business object selected for creating the rule.
      2. Select an operator for the rule condition.
      3. Specify the number of users, in the Count of users field, who must be provided access to the selected object name.
        Note: The Count of users field is displayed when the object selected for creating the rule is Permission or Role. However, if the object selected for creating the rule is User, the Count of roles field is displayed.
  11. Click Save.