Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Dhiraj Kumar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Several permanent workflows handle recertification. To use the recertification functionality, be sure to enable these workflows. EmpowerID uses default settings for each workflow if no configuration is applied to the audit. Default settings are defined on each workflow View One page.

Page Properties
hiddentrue

Edit Audit Details Workflow

This permanent workflow enables Audits to be edited.

Update audit operation

This operation adds fields to support PAM functionality. The following visible fields appear in the Audit Configuration screen.

Note

No emails are sent if the default template is missing from the audit or EnableEscalation is not enabled.

Field

Description

NotifyParticipantOnAuditCreation

Enable this option to send email to the audit reviewers from the email template in AllParticipantNotificationEmailTemplateID

AllParticipantNotificationEmailTemplateID

Specify the template the audit uses to send an email to audit reviewers after Audit Creation.

EnableNotification 

Enable this option to send email to the reviewers the number of days after the audit start date configured in NotifyOpenTaskParticipantAferAuditStartInDays if they have open tasks.

It uses the email template in OpenTaskNotificationEmailTemplateID and is based on the frequency configured in NotifyFrequencyinDay.

UnreviewedRecertificationTaskNotification

Set the number of days after which open task emails should be sent.

OpenTaskReminderEmailTemplate

Specify the template the audit uses to send an email reminder to reviewers who have open tasks assigned to them.

EnableReminderNotification 

Enable this option to send a reminder email to reviewers who have open tasks assigned to them.

ReminderNotificationFrequencyInDays

Set the frequency of open task emails.

Localized key = NotificationFrequencyInDays

EnableEscalation

Enable to send an escalation email to the manager of reviewers the number of days before the audit ends configured in EscalationOpenTaskParticipantBeforeAuditEndInDays. It uses the email template in OpenTaskNotificationEmailTemplateID and is based on frequency configured in EscalationFrequencyInDays.

Direct reports receive a cc of the escalation email. No option is provided disable this; all escalation emails send a cc to direct reports.

EscalateOpenTaskParticipantBeforeAuditEndinDays

Set the number of days before the audit ends on which the open task escalation emails are sent.

OpenTaskEscalationEmailTemplateID

Specify the template the audit uses to send an escalation email to the manager of reviewers who have open tasks assigned to them.

EscalationFrequencyInDays

Specify the frequency of open task escalation emails.

IsTemplate

Enable this option to use the Audit as a template for creating new Audits with the parameters and on the schedule defined for the template.

EnableAuditCreationOnSchedule

Enable this option to use a schedule for the template audit.

AuditCreationSchedule

Specify the template audit schedule.

AuditNextCreation

Next Audit creation date will be used by the permanent workflow Create Scheduled Certification Audit

LastAuditCreation

Displays the last Audit creation date.

AuditDurationInDays

Displays the new Audit duration.

EnableAutomaticRevocationAfterDueDate

Enable this option to revoke and close the Resource Attestation tasks when the permanent workflow Close And Revoke Recertification Unreview Task After Audit Due Date runs.

Process Group Fulfillment Workflow

This permanent workflow creates fulfillment workflow tasks for applications and groups, and sends an email notification to the owners. After a decision is made, it adds or removes the members. It sends an Email attachment containing the Action, Group, Description, Notes, First Name, Last Name and User Name.

Workflow Parameters

Parameter

Description

ManagementRoletoNotify

Specify the Default approver for the task if the group has no owner.

EmailTemplateName

Specify the email Template for the fulfillment task.

  • TemplateAudit

  • TemplateAuditURL

  • CURRENTDATE

Email Tokens

  • TargetApplication

  • CurrentDate

  • WorkflowTasksURL

  • TargetAccountStore

  • Target Group

Create Scheduled Certification Audit Workflow

...

Parameter

Description

AuditDeleteNotificationEmailTemplateName

Specify the email template for the audit to send for deletion notifications.

Email Tokens

  • DeletedAudit

  • TemplateAudit

  • TemplateAuditURL

  • CURRENTDATE

AuditDeletedNotificationManagementRoleName

Specify the Management Role Name to notify.

...


Close Revoke Re-certification Unreview Tasks After Due Date Workflow

This permanent workflow closes Audits that have Enable Automatic Revocation After Due Date enabled and the Audit has reached the Due Date. It closes each Resource Attestation by invoking the Close Resource Attestation workflow.

...

This permanent workflow creates fulfillment workflow tasks for applications and groups, and sends an email notification to the owners. After a decision is made, it adds or removes the members. It sends an Email attachment containing the Action, Group, Description, Notes, First Name, Last Name and User Name.

Workflow Parameters

...

Parameter

...

Description

...

ManagementRoletoNotify

...

Specify the Default approver for the task if the group has no owner.

...

EmailTemplateName

...

Specify the email Template for the fulfillment task.

  • TemplateAudit

  • TemplateAuditURL

  • CURRENTDATE

...

Email Tokens

...

  • TargetApplication

  • CurrentDate

  • WorkflowTasksURL

  • TargetAccountStore

  • Target Group

Unreviewed Recertification Task Notification Workflow

...

Parameter

Description

NotificationDayCount

Specify the day count to use when NotifyOpenTaskParticipantAfterAuditStartInDays is not defined or is set to zero (0).

EscalationDayCount

Specify the day count to use when EscalateOpenTaskParticipantBeforeEndDays is not defined or is set to zero (0).

If it is set to a negative value, no emails are sent.

FrequencyDayCount

Specify the day count to use when NotificationFrequencyInDays or EscalationFrequencyInDays are not defined or are set to zero (0).

NotificationEmailTemplateName

Specify the email template to send to the reviewer.

Email Tokens

  • TargetPerson

  • CurrentDate

  • AuditDueDate

  • AuditStartDate

  • TargetAudit

EscalationEmailTemplateName

Specify the email template to send to the Manager and CC to the Target Direct Report.

Email Tokens

  • TargetManager

  • TargetDirectReport

  • TargetPerson

  • CurrentDate

  • AuditDueDate

  • AuditStartDate

  • TargetAudit


Continuous Group Membership Recertification

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue
This permanent workflow creates recertification tasks when users are added to groups via Business Requests within the past X number of days in account stores where Recertify External Group Changes as Detected is enabled.

Workflow Parameters

Parameter

Description

DaysInput

Specifies the past number of days of group changes to be included in recertification. Set by default to 10.

BusinessRequestTypeID

Specifies the ID of the Business Request Type. Set by default to the ID of the ITShop Business Request Type.

BusinessRequestItemTypeActionID

Specifies the ID of the Business Request Item Type Action. Set by default to the ID of the Recertify Group Membership Business Request Item Type Action.

...

Next steps

Manage Recertification workflow parameters