Identity Policies › Identity Policies › Create an Identity Policy Set › Create an Identity Policy

Create an Identity Policy

After you define the profile and member rule for the Identity Policy Set, you can define the identity policies in that policy set.

Note: In large implementations, it may take significant time to evaluate identity policy rules. To reduce the evaluation time for rules that include user-attributes, you can enable the in-memory evaluation option. For more information, see the Configuration Guide.

To create an identity policy

1. Select the Policies tab.
2. Click Add.
3. Enter a name for the identity policy.
4. Select the Apply Once check box if you want to apply the policy only when a user first meets the policy.
5. Select the Compliance check box to flag this policy as a compliance policy.

   If this check box is selected:

   • CA Identity Manager can generate reports for users that are not synchronized with compliance policies.
   • The Compliance Violation action is visible in the Action on Apply/Remove Policy list box.
6. Identify the users to which the policy applies in the Policy Condition section.
7. In the Action on Apply Policy section, define the actions that CA Identity Manager takes when the identity policy is applied to a user.
8. In the Action on Remove Policy section, define the actions that CA Identity Manager takes when a user no longer meets the conditions for the identity policy.
9. Click OK.

Note: Before you can use the identity policy set that you created, enable identity policies in the Management Console. See the Configuration Guide for more information.

More information:

Policy Conditions

The Apply Once Setting

Actions on Apply/Remove Policies