After creating an audit, we need to add one or more recertification policies to the audit. We might want to audit or certify multiple items using an audit. For example, in a Q1 audit we might want to certify, an external partner, identify as well as a member of certain high-risk management roles. These items are specified in one or more recertification policies. EmpowerID maintains an audit trail of these access snapshots and the decisions made concerning the access. EmpowerID recertification audits can be scheduled to run periodically, such as on a quarterly or monthly basis, weekly, daily, or at will.
In this post, we will learn how to add a recertification policy to an audit.
Add the Recertification Policy on the Audit
Click on the '+' icon on the audit details page to add a recertification policy to the audit.
Select the recertification policy from the recertification dropdown.
Select the fall-back assignee and click on Save.
Entering a number in the Ignore Any Certified within the Last X Days field is useful in situations where a previous audit closed before all recertification tasks it generated were completed. This way, managers only receive recertification tasks for any direct reports who were not certified in the last audit.
This setting does not completely exclude previously audited direct reports; it only excludes those access assignments that were re-certified within the specified day range. Thus, if a direct report gains access to a new resource, such as becoming the member of a new group, the audit generates a recertification task for that new membership.
Related