Default ACIs for the separation of duty policy

Default ACIs for the separation of duty policy

See descriptions of the default access control items (ACIs) for separation of duty capabilities.
Grant Search to Auditor Group

Allows the auditor group to view the policies, rules, violations, and exemptions.

Grant All to Owner

Grants all operations to the owner of a separation of duty policy in the organization. We might allow a user who is not a system administrator to create a separation of duty policy. You must create an ACI that grants the add permission to that user.

Parent topic: Separation of duty policies