In the Security and Compliance Studio, you can audit the security configuration in several ways:
Global security history - Shows all security configuration change events on all users, all security roles, duties, privileges, segregation of duties, stand-ins, and across all legal entities.
User security history - Shows all security configuration change events on the selected user across all legal entities.
Role security history - Shows all security configuration change events on the selected role across all legal entities.
Events done on the security configuration are logged in the security history. You can analyze these changes to the security configuration. The following table lists each security configuration element and its related logged events:
Security configuration element | Event logged |
|---|---|
Azure AD group |
|
Audit log |
|
Duty |
|
Dynamic snapshot |
|
Entry point |
|
Form control permission |
|
Objects |
|
Privilege |
|
Role |
|
Security configuration |
|
Security explorer |
|
Security request |
|
Sensitive data setup |
|
Snapshot |
|
SoD rule |
|
SoD conflict validation override |
|
Stand-in role |
|
Stand-in rule |
|
User |
|
Steps
Click Security audit.
Sub-task: Analyze global security history.
On the Security history tab, analyze all events that are logged on the security configuration.
You can analyze the security history details for all events that are logged on the security configuration.
Click More.
You can view the detailed security history information for a security history record.
On the Security history page, in the upper section, in the list, find and select the desired record. Analyze the information in the Details section.
Close the page.
An event as logged in the security history, can result from a security request. Once approved, a security request is implemented automatically. This results in a change event on the security configuration.
If an event results from a security request, the related security request is shown in the Security request reference field. You can view the related security request history.
On the Security history tab, in the list, find and select the desired security-request-related event.
Click Open security request history.
Close the page.
Sub-task: Analyze role security history.
Click the Role history tab.
On the upper pane, all available security roles are shown.
In the list, find and select the desired record.
On the lower pane, analyze all events that are logged on the security configuration of the selected role.
Sub-task: Analyze user security history.
Click the User history tab.
On the upper pane, all available users are shown.
In the list, find and select the desired record.
On the lower pane, analyze all events that are logged on the security configuration of the selected user.
Notes
You can analyze the changes made to the security configuration of a specific user and/or role during a specific time period. To do so, on the Security audit workspace, in the Links section, click Security user log. Use the Date range, User ID, and Roles fields to filter the logged security changes. Click Collect and refresh data to apply the defined filters.