Policy Violation Report

This report details policy violations detected for identities. It shows which policies, and rules within the policies, were violated by which user, the violation owner for each, the current status of each violation, and a brief summary or description of each. (The Summary column either shows the description value for the violation, or displays the lists of mutually exclusive roles in a separation of duties policy, or displays the description on the policy constraint itself.)

The report also includes a summary section made up of a summary table and a graph. The table shows the number of violations included in the report, the number of identities involved in that violation set, and the number of open violations and mitigated violations in the set. The chart shows the numbers of violations of each policy type in graphical form.

The detailed results of this report can be exported to a CSV or PDF file.

The Policy Violation Report consists of the following sections:

• Standard Report Properties

• Policy Violation Properties – these are described in the table below

• Report Layout

All reports use a set of standard properties for basic information such as naming and descriptions, and for setting controls, such as scoping and requiring sign-off.

You must enter the following before running this report:

• Name

For step by step instructions on creating or editing a report, see Working With Reports.

Policy Violation Properties

The following criteria determines what information is included in this report. You can use any combination of options to build a report.

Note: Selecting NO options from a list indicates that ALL options in the list are included in the report.

Option	Description
Identities	Select the identities to include in the report. If no identities are specified, all identities are included. Click the arrow to the right of the suggestion field to display a list of all identities, or enter a few letters in the field to display a list of identities that start with that letter string. Only violations associated with the selected identities are included in the report.
Policy	The policies to include in this report. Only violations of the policies selected from the list are included in the report.
Violation Activity	Show only violations of active policies, only violations of no longer active policies, or all violations (only relevant after running an identity refresh task with both the Check active policies and Keep previous violations options selected)
Violation Date	Only the violations detected on or before this date are included in the report.
Violation Status	Use to filter the report by violation status type. Choose from Open Violations, Inactive Violations, and All Violations.