Policy rule
Status | supported |
---|---|
Since | 3.6 |
Description
Policy rules provide a generic mechanism to set up policies and policy constraint in the system. E.g. a policy rule may specify that all departments must have exactly one manager, or that each business role must have at least one owner. Many midPoint features are implemented by policy rules, most notably approval policies, segregation of duties and triggered micro-certifications.
Documentation
Version | Introduction | Guides | Configuration | Examples | Plans |
---|---|---|---|---|---|
Development | Policy Rules |
Policy Rules |
|||
4.8 | Policy Rules |
Related Features
Compliance
This feature is related to the following compliance frameworks:
-
ISO/IEC 27001 5.2: Information security roles and responsibilities
-
ISO/IEC 27001 5.8: Information security in project management
-
ISO/IEC 27001 5.9: Inventory of information and other associated assets
-
ISO/IEC 27001 5.10: Acceptable use of information and other associated assets
-
ISO/IEC 27001 5.19: Information security in supplier relationships
-
ISO/IEC 27001 5.20: Addressing information security within supplier agreements
-
ISO/IEC 27001 5.21: Managing information security in the ICT supply chain
-
ISO/IEC 27001 5.22: Monitoring, review and change management of supplier services
-
ISO/IEC 27001 5.24: Information security incident management planning and preparation
-
ISO/IEC 27001 5.26: Response to information security incidents
-
ISO/IEC 27001 5.31: Legal, statutory, regulatory and contractual requirements
-
ISO/IEC 27001 5.36: Compliance with policies, rules and standards for information security
-
ISO/IEC 27001 6.3: Information security awareness, education and training
-
ISO/IEC 27001 6.5: Responsibilities after termination or change of employment
-
ISO/IEC 27001 6.6: Confidentiality or non-disclosure agreements
-
ISO/IEC 27001 8.19: Installation of software on operational systems
-
ISO/IEC 27001 8.27: Secure system architecture and engineering principles