You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Skip to end of banner
Go to start of banner

Create Recertification Policies

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

A recertification policy contains actions to ensure that users submit an assurance that they have a genuine, continuous need for a particular resource or membership. As a project might have multiple deliverables, a recertification audit can have multiple recertification policies associated with it. We can create recertification policies of different types in the EmpowerID system, which are reusable. For example, we might want to certify an external partner and a member of certain high-risk management roles in an audit. These items are specified in one or more recertification policies and later added to the same audit.

Recertification Policies are snapshots of data that reveal the access to resources granted to people and to roles, the assignments of people to roles, and the security assignments that have been made against protected resources. These snapshots are routed for review to authorized personnel such as managers, role owners, or data owners. The review process allows the reviewer to verify the access and certify whether it is valid. Internal processes can use this data to remediate and rectify exceptions or certify the exceptions as permitted.

Please follow the instructions below to create a recertification policy

Create a Recertification Policy

  1. Log in to the EmpowerID.

  2. On the navbar, expand Compliance and select Recertification.

  3. On the Recertification page, select the Recertification Policies tab and then click + icon to create an audit.

  4. Click + icon to create a new recertification policy.

  5. In the Policy Details form that appears, click the Policy Type drop-down and select from the options. EmpowerID provides different policy types that define data snapshots for a particular resource type. More information about the policy types is covered here in the doc Recertification Policy Types.

  6. Fill in the Name, Display Name, and Description fields.

  7. Select Enabled to enable the policy.

  8. Click Save


After EmpowerID creates the policy, a Target grid appears on the policy details page. This grid allows you to add and remove recertification targets to and from the policy. Recertification targets will enable you to scope the recertification policy to the specific IT objects you want to audit. Multiple EmpowerID actor types can include people, roles, locations, groups, and query-based collections (SetGroup).

Next Steps

Add targets to recertification policies.

  • No labels