Wednesday, August 5, 2020

Certification Types

Certification Types are :

# Targeted Certification
# Manager Certification
# Application Owner Certification
# Entitlement Owner Certification
# Advanced Certification
# Role membership
# Role Composition
# Account Group Permission
# Account Group Composition

Targeted Certification :



Manager Certification :
  • Which specific managers / all managers
  • Which applications / all applications
  • Certify Entitlements / Accounts
    • Can certify if a user has on a system versus the specific entitlements a user possesses
  • For entitlements
    • Include Additional Entitlements
    • Include Roles
    • Certify Accounts with no Entitlements (Y / N)
  • Policy Violations
Application Owner Certification    :
  • Which applications / all applications
  • Certify Entitlements or Accounts
    • Can certify if a user has on a system versus the specific entitlements a user possesses
  • For entitlements
    • Include Additional Entitlements
    • Include Roles
    • Certify Accounts with no Entitlements (Y / N)
  • Policy Violations
Entitlements Owner Certification    :
  • Which applications / all applications
  • Include un-owned Entitlements
  • If yes, who will review un-owned Entitlements
    • default : Application owner
  • Can define another user
  • Note : Entitlements descriptions and ownership is defined by created Managed Entitlements
    • Missing Managed Entitlements scan task
    • Aggregating with "Promote managed entitlements" checked
    • Using a "Managed Entitlements Customization Rule" as part of your application definition
Advanced Certification    :
  • User group(s) to certify (Population or Groups Factory)
  • Note : Rules can used to assign certifiers to groups with Factory
  • Others options are just like Manage Certification
Role Membership and Role Composition Certification    :
  • These certifications will request that the owner of a role certify the members of each or the composition (makeup) of the role
  • Which roles to certify
    • Choose specific ones
    • By Type (Business / IT / etc.)
    • All Roles
Account Group Permissions and Account Group Membership Certifications    :
  • These certifications will request that the owner of an account group certify the actual entitlements/ permissions granted to each the Account Group or the Membership of the Account Group
  • Which applications to certify
    • Choose or All applications




 


at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Fetch Members from Workgroup

  import java.util.ArrayList;   import java.util.Iterator;   import java.util.List;   import sailpoint.api.ObjectUtil;   import sailpoint.ob...