As a security administrator, use security requests to register any required changes in the security setup. In Security and compliance studio, you can create security requests from the Security management workspace.

Security request type

For each security request type, a different type-specific section is added to the Security request page. In this section, fill in or add the required type-specific information.

This table shows the available security request types, for each type the related section, and a description of what to do in this section (see step 9):

Type Type-specific section Description
General - Request a security configuration change that is not related to any of the types.
Create user Create users Request the creation of a user.

Add the desired roles for the user. To each role, assign the companies in which the user has the role. You can assign:

  • All organizations: The user has the role in all existing companies.
  • Specific organizations: You can select specific companies from all legal entities or from the organization hierarchies.
Assign role to user Assign roles to user

Request to add one or more roles to an existing user.

To each role, assign the companies in which the user has the role. You can assign:

  • All organizations: The user has the role in all existing companies.
  • Specific organizations: You can select specific companies from all legal entities or from the organization hierarchies.
Remove role from user Remove roles from user Request to remove one or more roles from an existing user.
Disable user Disable users Request to disable one or more existing users.
Enable user Enable users Request to enable one or more existing users.
Delete user Delete users Request to delete one or more existing users.
Create role Create role Request to create a role.
Use a security scenario to indicate all securable objects and related access levels that are required for the role to perform one or more tasks. You can select an existing scenario or upload a task recording that defines the scenario.
Modify role Modify role Request to modify one or more roles.
For each role, you can use a security scenario to indicate all securable objects and related access levels that are required for the role to perform one or more tasks. You can select an existing scenario or upload a task recording that defines the scenario.
Lock role Lock roles Request to lock one or more roles.
Unlock role Unlock roles Request to unlock one or more roles.
Delete role Delete role Request to delete one or more roles.
Create rule Enhanced SoD rules Request to create one or more enhanced segregation of duties rules.
Resolve conflict Enhanced SoD conflicts Request to solve one or more enhanced segregation of duties conflicts.
Delete rule Delete enhanced SoD rule Request to delete one or more enhanced segregation of duties rules.
Add stand-in Create stand-in Request to appoint a stand-in for one or more users for a specified period.
Cancel stand-in Remove stand-in Request to remove a stand-in appointment for one or more users for a specified period.
Create business risk Create business risk

Request to add an operational risk for your company.

You can link the risk to enhanced segregation of duties rules.


Standard procedure

1. Click Security management.
2. On the Requests tab, click New.
3. In the Request field, type a value.
4. In the Type field, select an option.
5. For informational purposes, define where the security request originates from.
  In the Origin field, select an option.
6. For informational purposes, you can define the security area to which the security request applies.
  In the Area field, enter or select a value.
7. Expand the Status section.
8. In the Priority field, select an option.
9. For each security request type, a different type-specific section is added to the Security request page.
For more information, refer to the table in the topic description.
  In the type-specific section, fill in or add the required information.
 

Note: For type 'General', no type-specific section is added.

10. In the Description section, enter a description of the security request.
11. Sub-task: Define applicable period.
  11.1 You can optionally fill in the Start date and End date. These dates define the period to which the security request applies. For example, the period during which a stand-in is required.
  Expand the Details section.
  11.2 In the Start date field, enter a date.
  11.3 In the End date field, enter a date.
  11.4 For informational purposes, you can define an external reference to which the security request is related.
  In the External reference field, type a value.
12. Close the page.

Notes

You can also create a security request for a specific record from the Security requests FactBox on several Security management pages:

  • Stand-in
  • Table security recording
  • Scenario
  • Segregation of duties rules
  • Users
  • Locked security roles

Related to Notes

Manage security requests

 

See also

Provide feedback