Versions Compared

...

Recertification Policy Type

Description

Account Validity

The account validity recertification policy is used to certify whether an account should exist, be disabled, or be deleted. Possible decisions are: certify, disable and delete.

Business Role and Location Membership

The business role and location membership recertification policy is used to certify the membership (person membership) of a business role and location. Possible decisions are: certify or revoke the member.

Direct Reports

The direct reports recertification policy is used to certify who reports to whom, that is, a manager's direct reports.

Exchange Mailbox Permissions

The Exchange mailbox permissions recertification policy is used to certify who currently has what type of access to a given Exchange mailbox. Possible decisions are: certify or revoke permission.

Folder Permissions

The folder permission recertification policy is used to certify who currently has what type of access to a given Windows folder. Possible decisions are: certify or revoke permission.

Group Membership

The group membership recertification policy is used to certify who currently has membership in a given group, including users and nested groups. Possible decisions are: certify, revoke, or convert to just-in-time (pre-approved) membership.

Group Owner

The group owner recertification policy is used to certify the owners of groups (attestation of group ownership).

Group Validity

The group validity recertification policy is used to certify whether a group should exist or not. The review request is routed to the group owner first and then to a fall-back. Possible decisions are: certify, disable and delete.

Management Role Access Assignment

The management role access assignment recertification policy is used to certify the access granted to a management role, including any RBAC assignment.

Management Role Membership

The management role membership recertification policy is used to certify the current members (assignees) of a management role, including people, groups, and business roles and locations.

Management Role Validity

The management role validity recertification policy is used to certify the current validity of a management role, that is, whether the management role should exist, be disabled, or be deleted.

Person Access Summary

The person access summary recertification policy is used to certify all the access assigned directly to a person.

Person Direct Entitlements

The person direct entitlements recertification policy is used to certify all the entitlements given directly to a person.

Person Validity

The person validity recertification policy is used to certify whether a person should exist or not. The review request is routed to the person's owner first and then to a fall-back. Possible decisions are: certify, disable and delete.


Each recertification policy is targeted, or scoped, to apply only to specific people, roles, or resources using EmpowerID Query-Based Collections (SetGroups). A SetGroup is composed of Sets, which are LDAP or code-based queries. The EmpowerID engine re-evaluates these Sets on a scheduled basis, so a Set can collect people or resources based on queries written against the EmpowerID Identity Warehouse or even against external systems in a customer's environment. Using Query-Based Collections for recertification policies provides a rich and flexible access review mechanism: an organization can selectively collect the objects it wants a given policy to cover and then schedule that policy to create review tasks in the manner that best meets its security requirements. As an example, with SetGroups you could create one recertification policy that targets high-security groups only and schedule it to run more frequently, and another recertification policy for lower-security groups with a less frequent run schedule.
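As an added illustration of the scoping model described above (this is example code, not EmpowerID's own), the Python sketch below models Sets as predicates over a constructed warehouse, a SetGroup as the de-duplicated union of its Sets, and a policy that creates review tasks for its scope and only accepts the decisions listed for its type. The class names, the sample data, and the owner-then-fall-back routing applied to every policy type are assumptions.

```python
from dataclasses import dataclass
from typing import Callable
# Constructed sample records standing in for the EmpowerID Identity
# Warehouse; group names, owners and security levels are invented.
WAREHOUSE = [
    {"name": "Domain Admins", "security": "high", "owner": "alice"},
    {"name": "Finance Approvers", "security": "high", "owner": None},
    {"name": "Printer Users", "security": "low", "owner": "bob"},
]
# Decisions each policy type allows, as listed in the table above.
ALLOWED_DECISIONS = {
    "Group Validity": {"certify", "disable", "delete"},
    "Group Membership": {"certify", "revoke", "convert_to_jit"},
}

@dataclass
class QuerySet:
    """A Set: a query over the warehouse (a predicate stands in for LDAP/code)."""
    name: str
    query: Callable[[dict], bool]
    def evaluate(self, warehouse):  # re-evaluated on every scheduled run
        return [obj for obj in warehouse if self.query(obj)]

@dataclass
class SetGroup:
    """A Query-Based Collection: the de-duplicated union of its Sets."""
    name: str
    sets: list
    def members(self, warehouse):
        out = {o["name"]: o for s in self.sets for o in s.evaluate(warehouse)}
        return list(out.values())

@dataclass
class RecertificationPolicy:
    name: str
    policy_type: str
    scope: SetGroup
    run_every_days: int  # schedule; a high-security scope can run more often
    def create_review_tasks(self, warehouse, fallback):
        """One task per in-scope object, routed to its owner, else the fall-back (assumed)."""
        return [{"policy": self.name, "target": o["name"],
                 "reviewer": o.get("owner") or fallback,
                 "allowed": sorted(ALLOWED_DECISIONS[self.policy_type])}
                for o in self.scope.members(warehouse)]
    def accepts(self, decision):
        return decision in ALLOWED_DECISIONS[self.policy_type]

HIGH = SetGroup("High security groups", [QuerySet("high", lambda o: o["security"] == "high")])
QUARTERLY = RecertificationPolicy("High-sec group validity", "Group Validity", HIGH, 90)
```

Calling `QUARTERLY.create_review_tasks(WAREHOUSE, "iam-admins")` yields one task per high-security group, with the ownerless group routed to the fall-back reviewer.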

...