While starting from blank and preparing to design the certification flows we would require at least a few events and rules defined to start up with. Although there are more these are the basic ones and must.
Need to create the following for Certification Models:
1. Certification events(types)
i. Create Certification Event: Certification runs when a new identity is created.
ii. Manager Transfer: Certification runs when there is a change in the Identity’s “Manager attribute”.
iii. Attribute Change: Certification runs when the value of a specified Identity Attribute changes.
iv. Identity Trigger Rule: Needs more thought process
a. Certification runs when the specified IdentityTrigger rule returns a “True” result.
b. IdentityTrigger rules run anytime an Identity is changed in an Identity Refresh or Aggregation
c. The rule’s logic determines what attributes are evaluated, and the rule can return a True or False value; True fires the Certification and False does not.
2. Rules
i. Exclusion Rule:
a. Will be executed as part of the Certification creation process
Can be used to
b. Exclude “inactive” Identities from a Certification
c. Exclude specific Account Groups from an Account Group Membership Certification
d. Exclude certain Roles from an Application Certification
e. Exclude items from a Certification when they have already been included in another active Certification
ii. Certification Escalation Rule
a. Triggered at the time specified as the Escalation Trigger on the Certification if Access Review has not yet been finished and signed by the certifier
b. Will be used to provide the name of the Identity who should be notified of incomplete Access Review and impending deadline (Certifier’s manager or the Certification Owner)
iii. Closing Rule
a. Can be used to invoke a workflow at the end of certification.
Visit the System Tab to configure default settings for certifications.