Compiling Audits
In order to create attestation tasks for auditors to review, audits must be compiled. When an audit is compiled, EmpowerID creates a certification task for each of the resource objects included in the Recertification policies associated with the audit. For example, if you have an Recertification policy that checks the access assignments of a particular security group and the policy is associated with the audit you are compiling, when you compile the audit you trigger the policy, which in turn creates the recertification tasks.
Prerequisites
In order to compile an audit, you must be the audit owner.
Before compiling an audit that generates Recertification tasks, you must do the following:
- Create the Recertification policy. See Creating Recertification Policies.
- Add targets to the Recertification policy. See Adding Targets to Recertification Policies.
- Create the Audit. See Creating Audits.
- Add the Recertification policy to the audit. See Adding Recertification Policies to Audits.
To compile audits
- In the navigation sidebar, expand Compliance Management and click Audit Configuration.
- From the Audit Configuration page, click the Audits tab, search for the audit you want to compile and click the Display Name link for that policy in the Audits grid.
- From the Auditor Compliance Dashboard, click the Audits tab, search for the audit you want to compile and then click the View Dashboard link for that audit in the Audits grid.
This takes you to the Audit Dashboard page for the audit. This page provides you with a dashboard for quick analysis of the audit's status as well as a Policies tab for viewing the Recertification policies included in the audit. From the Dashboard tab, click the Compile button.
If you do not see the Compile button, check the Start and End dates set for the audit. If the Start date is later than the present date and/or the End date has passed, EmpowerID disables the Compile button as the parameters for the audit are no longer valid. To enable the button, update the dates accordingly. Additionally, ensure that you are the audit owner.
- Update the data appearing on the dashboard by clicking the Refresh button for each data region.
If you receive a "Succeeded" message after compiling an audit, but do not see new data after refreshing the dashboard, this means that no new recertification tasks were created by the Recertification policies associated with the audit. With a previously compiled audit, this could simply indicate that no changes have occurred to a Recertification policy's target since the last compile (no new access assignments have been granted to a group, for example).
However, if the audit has never been compiled, this indicates that either the audit does not have a Recertification policy assigned to it, or that the Recertification policy is not targeted correctly for the policy type.