An audit can be considered as a project with a start date and end date. We might want to audit or certify multiple items using an audit. For example, in a Q1 audit you might want to certify, an external partner, identify as well as a member of certain high-risk management roles. These items are specified in one or more recertification policies. As a project might have multiple deliverables an audit can have multiple recertification policies associated with it. We can create recertification policies of different types in the EmpowerID system, and these policies are reusable.
Recertification policies are policies that you add to audits to generate recertification review tasks for the access assignments given to people, roles, groups, and Query-Based collections. Business role and location membership policy are to certify the membership of a business role and location. Possible decisions are: certify or revoke the memberBusiness role and location membership policy is to certify the membership of a business role and location. For the recertification, an audit is created, which generates business requests that are sent for approval. The engine bundles the recertification items into business requests based on the object itself. Therefore in this case the business role and location is the bundle for the business requests and its members are items. The Possible decisions are generally configured as certify or revoke the member. However, these possible decisions are configurable. This configuration is described under decision configuration at the end of this page. In this post, we will create a business role and location membership type recertification policy and add a target to it.
...