AnsweredAssumed Answered

Account to entitlement mapping audit history

Question asked by Amit Khatua on Dec 26, 2017
Latest reply on Jan 23, 2018 by Michael Carney



Can anyone help if RSA stores the audit information of mapped entitlement of an account. Basically we got a question from system audit team to figure out below - 


1. Complete audit history of entitlements assigned to any account till date (e.g. account1 was assigned to Read app-role on 3rd Sept, and the same was replaced with Write on 10th Nov. So, table should have 2 entries with date against account1). I know the last n times raw data can help with little information, however the requirement is to provide the complete history of the account's life cycle 

2. Whether the account was having any SOD exceptions access assigned to it any one its life-cycle. If so, what were the conflicting access and when was it granted and revoked.


The business justification of these requests are to track any access which was assigned to any account and to make sure that user did not misuse the same. 


One solution I can think of is having the all user access report everyday and refer that whenever required. Any other solution (any view/table keeps these information) ? 


I'm in VIA 7.0.2 P04.


- Amit