While starting from blank and preparing to design the certification flows we would require at least a few events and rules defined to start up with.Although there are more but these are the basic ones and must.
Need to create following for Certification Models:
1. Certification events(types)
i. Create Certification Event: Certification runs when a new identity is created.
ii. Manager Transfer: Certification runs when there is a change in the Identity’s “Manager attribute”.
iii. Attribute Change: Certification runs when the value of a specified Identity Attribute changes.
iv. Identity Trigger Rule: Needs more thought process
a. Certification runs when the specified IdentityTrigger rule returns a “True” result.
b. IdentityTrigger rules run anytime an Identity is changed in an Identity Refresh or Aggregation
c. The rule’s logic determines what attributes are evaluated, and the rule can return a True or False value; True fires the Certification and False does not.
i. Exclusion Rule:
a. Will be executed as part of Certification creation process
Can be used to
b. Exclude “inactive” Identities from a Certification
c. Exclude specific Account Groups from an Account Group Membership Certification
d. Exclude certain Roles from an Application Certification
e. Exclude items from a Certification when they have already been included in another active Certification
ii. Certification Escalation Rule
a. Triggered at time specified as the Escalation Trigger on the Certification if Access Review has not yet been finished and signed-off by certifier
b. Will be used to provide name of the Identity who should be notified incomplete Access Review and impending deadline (Certifier’s manager or the Certification Owner)
iii. Closing Rule
a. Can be used to invoke a workflow at the end of certification.
Visit the System Tab to configure default settings for certifications.