Violation Details for Infor, Lawson, Oracle, and PeopleSoft Requests

This page provides details of violations generated for the following What-if types or requests types:

  • Infor
  • Lawson
  • Oracle
  • PeopleSoft FISCM
  • PeopleSoft HRMS

Request details are displayed on the following panels:

  • General Information:This panel provides a summary of general details, such as the creator of the request, the creation date and the connection for which the request is created.In case of a What-if analysis, this panel also displays the number of rule books and parameter lists used in the analysis. This panel provides a summary of general details such as the creator of the What-if or request, the creation date, the connection from which data was extracted.
    Note: The rule books displayed are Insight specific, even if the option  'All rule books' is selected while creating the What-if. However, if the option 'All parameter lists' is selected while creating the What-if, all existing parameter lists are displayed as they are not Insight specific.

    Click the Details link to view the Details pop-up window. The tabs displayed on this pop-up window vary depending on the request type.

  • Violation Chart : This panel does not display any information if the request has not generated any violations. If the request has generated violations, this panel provides a graphical view of the number of rules generating violations and the priority of violations generated. The total number of rules violated is listed on the right side of the panel.
  • Violating Objects for Infor : This panel displays a list of objects causing violations for the What-if/request. The Existing Violations tab (that lists all the existing violating objects) is displayed on this panel only if the Display Existing Violations option is set to YES on the Configuration page. (Infor Risk & Compliance System->What-if and Request Settings).

    Violating objects are displayed on the following tabs:

    • Roles From Selected Connection : This tab displays violations generated by new assignments in the selected connection. The violating objects are displayed as links on the left panel and their type depends on the What-if or request type. These violating objects include any of the following types:
      • Roles from selected connections: These include:
        • Newly assigned roles causing violations, are marked with an icon.
        • Existing roles which conflict with the newly assigned roles resulting in violations
      • Users from selected connections: These include:
        • Users associated with the violating objects
        • Users created through User Creation What-ifs and requests

      Click a violating object link to view the following object details on the right panel.

      • All the violated rules - These rules are displayed as links. The rule book name is displayed below the rule name.
      • Click the rule name to view the Violations for Rule page.
      • All the compensating controls attached to the violated rule. Click Add to attach additional compensating controls. The Create Compensating Control window displayed enables you to:
        • Select an existing compensating control. All the controls available in Infor Risk & Compliance are available for selection.
        • Create a new compensating control. For this, expand the Create New Compensating Control panel and specify the required details on the General Information and Supporting Documentation tabs. Click Save. The newly created control is displayed in the list below. You need to select the check box next to this control and click OK to attach it to the violated rule.

          Mitigated violations are marked with an icon. Attaching compensating controls to the violated rule ensures that the violating object is excluded from all analyses using that rule.

      • Exclusion expiration - By default, Never Expires is displayed in this column. This means that if the violating object is mitigated by attaching compensating controls, it will be excluded from all  analyses using that rule permanently. You have the option to modify this exclusion. For violations that are not mitigated, you can click the Never Expires link and select a required date. The violating object will be excluded from all analyses using this rule till the selected date only.
      • Click the Details icon corresponding to a rule to view the Violations Details report for the rule.
      • The search filter displayed on the right panel enables you to search for the required violated rule. In case of What-ifs, the search filter enables you to search for rules only by name, whereas in the case of requests, multiple search options such as name, mitigation status and exclusion expiration date enable you to search for the violated rule.
    • Roles From Other Connection : The violating objects displayed on the Roles From Selected Connection tab that have generated violations in connections other than the selected connection are displayed on this tab. The violation details displayed here is similar to the details displayed on the Roles From Selected Connection tab.
    • Existing Violations :This tab displays existing violating objects in the selected connection and is independent of the new violating objects. Existing violations cannot be mitigated or removed.

      The violation details displayed here are similar to the details displayed on the Roles From Selected Connection tab.

  • Violating Objects for Lawson: This panel displays a list of objects causing violations for the What-if/request. Existing Violations tab (that lists all the existing violating objects) is displayed on this panel only if the Display Existing Violations option is set to YES on the Configuration page. (Infor Risk & Compliance System->What-if and Request Settings). Violating objects are displayed on the following tabs:
    • Roles From Selected Connection : This tab displays violations generated by new assignments in the selected connection. The violating objects are displayed as links on the left panel and their type depends on the What-if or request type. These violating objects include any of the following types:
      • Roles from selected connections: These include:
        • Newly assigned roles causing violations, are marked with an icon.
        • Existing roles which conflict with the newly assigned roles resulting in violations
      • Users from selected connections: These include:
        • Users associated with the violating objects
        • Users created through User Creation What-ifs and requests

      Click a violating object link to view the following object details on the right panel.

      • All the violated rules - These rules are displayed as links. The rule book name is displayed below the rule name.
      • Click the rule name to view the Violations for Rule page.
      • All the compensating controls attached to the violated rule. Click Add to attach additional compensating controls. The Create Compensating Control window displayed enables you to:
        • Select an existing compensating control. All the controls available in Infor Risk & Compliance are available for selection.
        • Create a new compensating control. For this, expand the Create New Compensating Control panel and specify the required details on the General Information and Supporting Documentation tabs. Click Save. The newly created control is displayed in the list below. You need to select the check box next to this control and click OK to attach it to the violated rule.

          Mitigated violations are marked with an icon. Attaching compensating controls to the violated rule ensures that the violating object is excluded from all analyses using that rule.

      • Exclusion expiration - By default, Never Expires is displayed in this column. This means that if the violating object is mitigated by attaching compensating controls, it will be excluded from all  analyses using that rule permanently. You have the option to modify this exclusion. For violations that are not mitigated, you can click the Never Expires link and select a required date. The violating object will be excluded from all analyses using this rule till the selected date only.
      • Click the Details icon corresponding to a rule to view the Violations Details report for the rule.
      • The search filter displayed on the right panel enables you to search for the required violated rule. In case of What-ifs, the search filter enables you to search for rules only by name, whereas in the case of requests, multiple search options such as name, mitigation status and exclusion expiration date enable you to search for the violated rule.
    • Roles From Other Connection : The violating objects displayed on the Roles From Selected Connection tab that have generated violations in connections other than the selected connection are displayed on this tab. The violation details displayed here is similar to the details displayed on the Roles From Selected Connection tab.
    • Existing Violations :This tab displays existing violating objects in the selected connection and is independent of the new violating objects. Existing violations cannot be mitigated or removed.

      The violation details displayed here are similar to the details displayed on the Roles From Selected Connection tab.

  • Violating Objects for Oracle: This panel displays a list of objects causing violations for the What-if/request. The Existing Roles/Responsibilities Violations tab (that lists all the existing violating objects) is displayed on this panel only if the Display Existing Violations option is set to YES on the Configuration page. (Infor Risk & Compliance ->What-if and Request Settings).This panel does not display information in any of these tabs for an Emergency Access request. Violating objects are displayed on the following tabs:
    • Roles/Responsibilities from Selected Connection :This tab displays violations generated by new assignments in the selected connection. These objects are displayed as links on the left panel and their type depends on the What-if or request type. The violating objects displayed include any of the following:
      • Roles/Responsibilities from selected connections: These violations include:
        • Newly assigned roles/responsibilities causing violations. These are indicated with an icon .
        • Existing roles/responsibilities which conflict with the newly assigned roles/responsibilities resulting in violations.
      • Users from selected connections: Users associated with the violating roles/responsibilities.

      Click a violating object link to view the details of the object on the right panel. The right panel displays the following:

      • All the rules violated by the object selected on the left panel. These rules are displayed as links. The rule book name is displayed below the rule name. Parameter lists attached to the rule, if any, are displayed in brown on the left panel .
      • Click the rule name to view the Violations for Rule page.
      • All the compensating controls already attached to the rule. Click Add to attach a compensating control to the violated rule. The Create Compensating Control window displayed enables you to:
        • Attach an existing compensating control to the rule. All the controls available in Infor Risk & Compliance are available for selection.
        • Create a new compensating control. For this, expand the Create New Compensating Control panel and specify the required details on the General Information and Supporting Documentation tabs. Click Save . The newly created control is displayed in the list below. You must select the check box next to this control and click OK to attach it to the violated rule.
        Mitigated violations are marked with an icon. Attaching a compensating control to the violated rule ensures that the violating object is excluded from all analyses using this rule.
      • Exclusion expiration - By default, Never Expires is displayed in this column. This means that if the violating object is mitigated by attaching compensating controls, it will be excluded from all  analyses using that rule. You have the option to modify this exclusion. Click the Never Expires link and specify a required date. The violating object will be excluded from all analyses using this rule till the selected date only.
      • Click the Violation Details icon corresponding to a rule to view the Violations Details report for that rule.
      • The search filter displayed on the right panel enables you to search for the required violated rule. In case of What-ifs, the search filter enables you to search for rules only by name, whereas in the case of requests, multiple search options such as name, mitigation status and exclusion expiration date enable you to search for the violated rule.
    • Roles/Responsibilities from Other Connections : The violating objects displayed on the Roles/Responsibilities From Selected Connection tab that have also generated violations in connections other than the selected connection are displayed on this tab. The violation details displayed here are similar to the details displayed on the Roles/Responsibilities From Selected Connection  tab.
    • Roles/Responsibilities with Existing Violations :This tab displays existing violating objects in the selected connection and are independent of the new violating objects. Existing violations cannot be mitigated or removed. The violation details displayed here are similar to the details displayed on the Roles/Responsibilities From Selected Connection tab.
      Note: For Oracle Menu Change Management What-if and Oracle Menu Change Management Request, this panel displays information on following tabs:
      • Users with Violations: This tab displays violations generated by a new assignment.
      • Responsibilities with Violations: This tab displays violating objects that are generated as a result of cross-client analysis.
      • Users with Existing Violations: This tab displays details of the users with existing violations.
      • Responsibilities with Existing Violations: This tab displays details of the responsibilities with existing violations.

      When an Oracle Menu change Management What if or request analysis is performed  with 'Display Existing Violations' settings configured to YES; violations are generated for menu conflict, sensitive responsibility and responsibility conflict rules. These violations are displayed on the Users with Existing Violations and  Responsibilities with Existing Violations tabs along with violations generated for other Oracle rules.

  • Violating Objects for Peoplesoft HR and FI : This panel displays a list of objects causing violations for the What-if/request. The Existing Violations tab (that lists all the existing violating objects) is displayed on this panel only if the Display Existing Violations option is set to YES on the Configuration page. (Infor Risk & Compliance System->What-if and Request Settings). This panel does not display information in any of these tabs for an Emergency Access request. Violating objects are displayed on the following tabs:
    • Roles From Selected Connection : This tab displays violations generated by new assignments in the selected connection. The violating objects are displayed as links on the left panel and their type depends on the What-if or request type. These violating objects include any of the following types:
      • Roles from selected connections: These include:
        • Newly assigned roles causing violations, are marked with an icon.
        • Existing roles which conflict with the newly assigned roles resulting in violations
      • Users from selected connections: These include:
        • Users associated with the violating objects
        • Users created through User Creation What-ifs and requests

      Click a violating object link to view the following object details on the right panel.

      • All the violated rules - These rules are displayed as links. The rule book name is displayed below the rule name.
      • Click the rule name to view the Violations for Rule page.
      • All the compensating controls attached to the violated rule. Click Add to attach additional compensating controls. The Create Compensating Control window displayed enables you to:
        • Select an existing compensating control. All the controls available in Infor Risk & Compliance are available for selection.
        • Create a new compensating control. For this, expand the Create New Compensating Control panel and specify the required details on the General Information and Supporting Documentation tabs. Click Save. The newly created control is displayed in the list below. You need to select the check box next to this control and click OK to attach it to the violated rule.

          Mitigated violations are marked with an icon. Attaching compensating controls to the violated rule ensures that the violating object is excluded from all analyses using that rule.

      • Exclusion expiration - By default, Never Expires is displayed in this column. This means that if the violating object is mitigated by attaching compensating controls, it will be excluded from all  analyses using that rule permanently. You have the option to modify this exclusion. For violations that are not mitigated, you can click the Never Expires link and select a required date. The violating object will be excluded from all analyses using this rule till the selected date only.
      • Click the Details icon corresponding to a rule to view the Violations Details report for the rule.
      • The search filter displayed on the right panel enables you to search for the required violated rule. In case of What-ifs, the search filter enables you to search for rules only by name, whereas in the case of requests, multiple search options such as name, mitigation status and exclusion expiration date enable you to search for the violated rule.
    • Roles From Other Connection : The violating objects displayed on the Roles From Selected Connection tab that have generated violations in connections other than the selected connection are displayed on this tab. The violation details displayed here is similar to the details displayed on the Roles From Selected Connection tab.
    • Existing Violations :This tab displays existing violating objects in the selected connection and is independent of the new violating objects. Existing violations cannot be mitigated or removed.

      The violation details displayed here are similar to the details displayed on the Roles From Selected Connection tab.

    Note: This panel displays violation details for PeopleSoft HR - Permission List Assignment Management and PeopleSoft HR - Permission List Assignment Management and for PeopleSoft FI - Permission List Assignment Management and PeopleSoft FI - Permission List Assignment Management for following tabs:
    • Users with Violations: Displays violating users for a new assignment.
    • Roles with Violations: Displays violating roles for a new assignment.
    • Permission Lists with Violations: Displays violating permission lists for a new assignment.
    • Users with Existing Violations: Displays the existing violations of the selected users.
    • Roles with Existing Violations: Displays the existing violating roles assigned to the selected user.
    • Permission Lists with Existing Violations: Displays the existing violating permission lists assigned to the selected user.
  • Other Details: This panel displays comments, if any.

This page enables you to perform the following actions on What-Ifs, depending on the task type:

  • Re-Analyze the What-If: Click the Re-Analyze icon to perform the What-If analysis again. You may need to re-analyze What-Ifs in these scenarios:
    • What-If failure for some environmental issue
    • Change in the data or the rule
      Note: You can not re-analyze the What-if analyses that are in the 'in-progress state and in the 'reviewed' state.
    • Review the What-if : Click the Review icon. References to this What-if will be displayed only on the History tab of the What-if home page.
    • Delete the What-if : Click the Delete tab to delete a selected What-if. All references to this What-if will be removed from the What-if home page, including the History tab.
  • Generate request :The Generate Request icon allows you to generate a request after the What-if analysis is complete. This tab is enabled only if Access Manager is installed with Infor Risk & Compliance. This request goes through an approval process and if it is approved by the assigned approvers, the ERP system is updated with changes. To generate request for the What-if analysis
    1. Click the Generate icon
    2. Provide the required information on the New Request page displayed as described in the topic for that request
    3. Click Send.

This page also enables you to perform the following actions on Requests:

  • Delete a request : The Delete icon is displayed only if the request is in the requestor stage and not moved to the first approval stage. Click the Delete icon to delete the selected request. All references to this request are deleted from the system
  • Edit a request : The Edit icon is displayed on the user interface only if
    • You are the creator of the request or an administrator.
    • The request is in the requestor stage and not yet moved to the approval stages

    Approvers of the request cannot view the Edit tab.

    Edit a request as follows:

    1. Click the Edit icon. The page for this request is displayed
    2. Make the required changes and click Send. The request is resubmitted for analysis and a confirmation message is displayed
    3. Click Yes to continue. The request appears on the Requests home page
  • Send a request : The Send icon is displayed on the user interface only if the request has not generated any violations. Click the Send icon to send the request for approval.
  • Mitigate violations : The Mitigate icon is displayed on the user interface in the following scenarios:
    • You are the creator of the request and the request is in the requestor stage
    • You are the approver of the mitigation stage of the request.

    A violation can be mitigated by attaching compensating controls to the violated rule. This ensures that the violating object is excluded from all analyses using that rule. Adding Compensating Control during mitigation is mandatory. You can now configure Infor Risk & Compliance to enable Request Approvers to add comments in addition to adding compensating controls. To enable or disable this feature, select the option Allow comments during Request mitigation .(Configuration->Infor Risk & Compliance system->What-if and Request Settings ->Platform Options). This feature is disabled, by default. Comments will be added to the violation only when Mitigate button is clicked by the approver.

    You may mitigate violations by attaching compensating controls as follows:

    1. Select the violating object on the left panel. The right panel displays all the rules violated by this object. The Compensating Controls field below the rule name lists all the controls already attached to the rule.
    2. Additional compensating controls can be attached. You have the following options to do so:
      • Use compensating controls already available in Infor Risk & Compliance: Select any of the compensating controls already available in Infor Risk & Compliance as follows:
        1. Click Add below the rule name.
        2. From the Create Compensating Control window displayed, select the check box next to the required controls.
        3. Click OK.
      • Create new compensating controls: Create a new compensating control to be attached to the violated rule as follows:
        1. Click Add below the rule name.
        2. In the Create Compensating Control window displayed, expand the Create New Compensating Control panel.
        3. Specify the required details on the General Information and Supporting Documentation tabs.
        4. Click Save. The newly created control is added to the list of compensating controls displayed below.
        5. Select the check box next to this control and click OK.
    3. Click the Mitigate icon. Violations mitigated by attaching compensating controls are marked with an icon.
    4. Click Send. The request moves to the Inbox and the Requests home page of the next stage approver and to the History tab of the signed-in user.
  • Remove violating objects : Removing violating objects from this page means removing the objects for which changes are requested. If any of the violating objects are removed, Infor Risk & Compliance analyzes the request again for new violations. Remove a violating object as follows:
    • On the left panel, select the required violating object
    • Click the Remove icon. A message is displayed on this panel stating that the request is resubmitted for analysis.
Related topics