Apply an ARM account to a specific security role or data owner

There are two possibilities of involving data security officers and auditors in security related processes.

Grant the user read only access to Access Rights Manager.
Define which reports are relevant and Access Rights Manager will send them to the user automatically in the desired frequency.

Create a simple read-only account in ARM

Background / Value

Involve security officers in the process of access rights management by granting them read-only access. This allows them to generate their own reports.

These settings can be found in the ARM configuration application. You can find more detailed information in the chapter "Manage ARM Users".

Step-by-step process

Start the ARM configuration application.
Select "User Management".
Use the search field to find the desired account.
Use drag&drop to move the account to the right column.
In the role column, select "Auditor".

The settings are active immediately.

Schedule reports

Background / Value

You can involve security personnel in the access rights management process by assigning reports to the appropriate security officers. Access Rights Manager sends the reports in the desired frequency. The process is identical for all reports.

We recommend sending a selection of management reports to the role responsible for security. The reports are easy to read and only contain the necessary information.

Access Rights Manager Management Reports:

Active Directory

Employees of a Manager

Display group memberships and user account details

File server

Who has access where?

Where do employees of a manager have access to?

Where do users and groups have access?

Exchange

Who has access to what?

Identifying mailbox permissions

SharePoint