Account validity recertification is a method of determining whether or not accounts are still required. Certain actions must be made if the accounts are no longer required. In other words, account validity recertification policy is to certify whether an account should exist or not. For example, in a company there may be access recertification of employees every year. For the recertification, an audit is created
For the recertification, a recertification policy is created, a recertification audit is created, the recertification policy is added to the audit, then audit is compiled, which generates business requests that are sent for approval. The
In case of account validity recertification, the recertification engine bundles the recertification items into business requests as per the responsible party assigned. If the For any item being recertified where its responsible party is null for any item being recertified, the engine , it bundles them all into one business request where as per the fall-back assigneeis used in place of responsible party.Recertification policies are policies that you add to audits to generate recertification review tasks for the access assignments given to people, roles, groups, and query-based collections. Possible decisions for account validity recertification .
The possible decisions for the business requests are generally set as certify, disable , or delete etc. However, these possible decisions are configurable. These configuration is described under decision configuration at the end of this page.
In this post, we will create account validity type recertification policy and add a target to it.
...