Responding to Recertification Tasks

f you are an audit participant who manages resources being audited, you will be assigned recertification tasks. Recertification tasks give you the opportunity to review the access surrounding the resource and either certify that access or revoke it. For example, if you are a manager with direct reports whose access is being audited, EmpowerID sends you a recertification task for each of those direct reports. To respond to the task, you review the access of the direct report for whom the task corresponds, decide whether the access is appropriate or not, and submit that decision to the auditor for review.

This topic demonstrates how to respond to recertification tasks from the perspective of a manager involved in an audit of direct reports .

To view your Recertification tasks

1. Log in to the EmpowerID Web application as a manager of people with access assignments that you need to certify.

2. From the Navigation Sidebar, expand Tasks and Requests, then Recertifications and click To Do.
   
   Your direct reports' recertification tasks appear on the Person Recertifications tab view. This view allows you to see each person whose access you need to review and certify, the status of the task, as well as other relevant information, including the task due date.
   
   
   

   Open

   

   
   
   
   

3. To view more information about a particular task, click the Direct Report link for one of your direct reports.
   
   
   

   Open

   

   
   
   This directs you to the Recertification Details page, which is divided into several sections for interacting with the recertification tasks:
   
   
   

   •  

     • A Certifying Section — This section of the page shows which person you are certifying as well as the status and percentage completed of the certification.
       
       In the image below, the person to be certified is John Lily, the certification status is Not Started, and the percentage completed is 0.
       
       

       
       
       
       

     • A Roles Grid — This grid displays any Business Roles or Management Roles assigned to the person being audited and provides controls for interacting with those role assignments. These controls include the following:
       
       
       

       Open

       

       
       
       
       

       •  

         • Certify Button — Clicking this button certifies the role assignment.

         • Revoke Button — Clicking this button revokes the role assignment. When you revoke a role, the assignments the person has through the role drop into the Explicitly Assigned Access Rights grid (explained below). Depending on your organization, if you revoke a role, you may see a Business Role tree appear. This tree gives you the opportunity to select a suggested alternative role to the one you are revoking.

       •  

         • Conditionally Certify Button — Clicking this button certifies the role assignment, but constrains it to a specific period of time, such as the next three months. Depending on your organization, you may not see the Conditionally Certify button.
           
           
           

       • Comments Button — Clicking this button allows you to add and remove comments concerning the assignment.

       • View Link — Clicking this link opens another tab in your browser with each individual entitlement or access assignment the person has by virtue of belonging to the role. For example, in the below image, the Acquisition Officer Business Role has three entitlements.
         
         
         

         Open

         

         
         
         
         

     • An Explicitly Assigned Access Rights Grid — This grid displays access rights that the person has received beyond those granted by membership in a role and provides controls for interacting with those explicit assignments.
       
       
       

       Open

       

       
       
       
       

     • Certify Button — Clicking this button certifies the role assignment.

     • Revoke Button — Clicking this button revokes the role assignment. When you revoke a role, the assignments the person has through the role drop into the Explicitly Assigned Access Rights grid, where you then must make a case-by-case decision for each of the access rights.

     • Conditionally Certify Button — Clicking this button certifies the role assignment, but constrains it to a specific period of time, such as the next three months. Depending on your organization, you may not see the Conditionally Certify button.
       
       
       

   • Comments Button — Clicking this button allows you to add and remove comments concerning the assignment.

Now that you have an understanding of the page, the next step is to make your recertification decisions.

To make Recertification decisions

1. From the appropriate grid on the Recertification Details page, search for and locate the assignment for which you want to make a decision. For example, if you want to make a decision on a role assignment, you search for that role in the Roles grid.
   
   

   
   
   
   

2. On the other hand, if you want to make a decision on an explicit access right, you search for the right in the Explicitly Assigned Access Rights grid.
   
   

   
   
   
   

3. Once you have selected the access assignment for which you want to make a decision, the next step is to make the decision. When making decisions, you have three options:
   
   
   

   • You can certify the assignment

   • You can conditionally certify the assignment

   • You can revoke the assignment