Views:

Control Manager (TMCM) provides the following Data Loss Prevention (DLP) user roles:

  • Administrator and DLP Compliance Officer
  • DLP Compliance Officer
  • DLP Incident Reviewer
 
You can only assign the "DLP Compliance Officer" and "DLP Incident Reviewer" roles to Active Directory user accounts.

In the “DLP Incident Investigation” Tab of the Dashboard, each widget panel provides the Incident Scope – All Managed Users and Directly Managed Users. Incident Scope is based on the Active Directory Users Architecture — specifically properties of the users in relation to “Direct Reports” and “Manager”.

DLP Incidents

For the "All Managed Users" and "Direct Managed Users" scopes, you will see the same result for the DLP Incident Reviewer user role since it is limited to access only directly managed users. For instance:

User Administrator and testDirector reports to testCEO

It is expected that once testCEO logs in, you will be able to see only user Administrator and testDirector on the “DLP Incidents by User” Widget on both Incident Scopes.

DLP Incidents

 

You will be able to see all the incidents of all the users directly reporting to each manager on the widget.

DLP Incidents

For the DLP Compliance Officer User role, you will be able see all incidents of all AD users. For instance:

  • User Administrator and testDirector reports to testCEO
  • User testuser reports to testHR
  • User testuser2 reports to testTS
  • User testLead reports to testFinance

Once a user with a DLP Compliance Officer role logs in, it is expected that you will be able to see the user testCEO, testHR, testTS, testFinance.

DLP Incidents

Keywords: DLP Incident,DLP Incidents by User,widget,Administrator and DLP Compliance Officer,DLP Compliance Officer,DLP Incident Reviewer,user roles,DLP Incident Investigation