I discussed about Resource Type, ResourcePolicies and OIA vs Global Users, In this post I am going to cover Business Structure (aka Business Unit – BU) in Oracle Identity Analytics (OIA)

Users in an Organization can be categories in departments/sub-department, In OIA department/sub-department are represented by Business Structure (aka Business Unit)

1. Business Structure can have departments with many levels of Hierarchy (Business Structure as member of another Business Structure).

2. To create Business Structure in OIA, login to OIA console -> Identity Warehouse -> Business Structures ->


3.
All Operations in OIA (like Identity Certification & Identity Auditing) are performed based on a Business Structure (More on Identity Certification and Identity Auditing in OIA later).

4. Business Structures in OIA are stored in table BUSINESSUNITS (under OIA schema – default name rbacxservice)

5. Business Structures may have managers assigned who will be in charge of reviewing access to user in that business structure. (Manager information is stored in column BUSINESSUNITMANAGERS of table BUSINESSUNITS)

 

Note: In OIA You can create User Entitlement Certification for an Organization and Manager of that Organization can then review access privileges of users in that Organization.

7. Apart from manager assigned to Business Structure (or Business Unit), a Business Structure can have Administrator (stored in column BUSINESSUNITADMINISTRATOR of table BUSINESSUNITS)

NoteIn OIA You can create Business Structure Rule (that can define which user belongs to which Business Structure) and any change in rule for particular Business Structure can be notified to Business Structure Administrator.

8. Business Structures have Global Users assigned to them and Global Users can be assigned to one or more Business Structure.

9. Association between Global Users and Business Structure is stored in table BU_GLOBALUSERS (in rbacxservice schema of OIA)

10. Apart from Global Users, Business Structure can have association with Roles and Policies (More on ROLES in OIA later)

a). Association between a Role and Business Structure (or Business Unit) is stored in table BU_ROLES

b). Association between a Policy and Business Structure (or Business Unit) is stored in table BU_POLICIES

11. To associate a Global User in OIA with Business Structure

a) Select Identity Warehouse -> Users -> search and select User -> select tab Business Unit and then add Business Unit
or
b) Select Identity Warehouse -> Business Structures -> search and select Business Structure -> select tab Users and then add Users
or
c) You can run Business Structure Rule to associate Users to Business Structure Rule that you define in Rule.

12. To associate a Role in OIA with Business Structure
a) Select Identity Warehouse -> Roles -> search and select Role. Select tab Business Structure tab and then add Business Structure
or
b) Select Identity Warehouse -> Business Structures -> search and select Business Structure -> select tab Roles and then add Role

12. Users can also be associated to Business Structure using Business Structure rule (where you can defined rule like if User’s attribute department is finance then assign them to finance Business Structure. When this Business Rule is executed then all users with attribute department with value finance are assigned to Business Structure Finance)

 

13. Business Structures can be loaded in to OIA in bulk using CSV file. More  here on importing Business Structures using Import/Export in OIA