Creating Segregation of Duties template

Segregation of Duties reports are generated using templates that you create. Each template defines the business rules to evaluate.

  1. In the Security Administration, select Administration > Security Reports > Segregation of Duties. If the consolidated Security Administration menu is enabled, select Reports > Segregation of Duties.
  2. Click the My Template tab and click Create Template.
  3. Specify this information:
    Template ID
    Specify a template identification name. This name must be unique from all other templates.
    Template Name
    Optionally, specify a template name that serves as a descriptive title shown in the output.
    Description
    Optionally, specify a description for the query.
    Data Area
    This field defaults to the current data area you are using.
    Template Type
    Optionally, select a template type.
    Priority
    Select a priority to indicate the importance of a report. You can use the priority value when sorting the SOD template and result list. The priority value is informational only and determined by the customer. If selected, the report list shows the priority with a color code:
    • Low: Green (default)
    • Medium: Yellow
    • High: Red
    Excluded Roles
    Optionally, select roles to exclude from the report output. This field is often used to exclude administrator roles.
    Run By
    Select the subject for analysis. You can select Actor, Role, or Security Class. To evaluate a specific subject, select a specific Actor, Role, or Security Class in the Filter by field. If you do not select one, the template queries all Actors, Roles, or Security Classes.
  4. Click Save.
  5. Create condition sets for the template.
    1. On the My Template page, select the template to add condition sets.
    2. Click the Left Side Condition tab and click Create.
    3. Specify this information:
      Operator
      Select an operator to define how multiple policies are combined. Select one of these options:
      • AND: Requires all conditions.
      • OR: Requires any condition.
      Securable Object Type
      Select Business Class or Business Task. An additional field is displayed where you can select the specific Business Class or Business Task to use.
      Common Action
      Select the common action to use.
      Business View Action
      Select the business view action to use.
    4. Click Submit.
    5. Optionally, create another condition set on the Right Side Condition tab.