The management role validity recertification is a method of determining whether or not management roles are still required. Certain actions must be made if the management roles are no longer required. In other words, management role validity recertification policy is to certify whether a management role should exist or not.
For the recertification, a recertification policy is created, a recertification audit is created, the recertification policy is added to the audit, then the audit is compiled, which generates business requests that are sent for approval.
In the case of management role validity recertification, the recertification engine bundles the recertification items into business requests as per the responsible party assigned. For any item being recertified where its responsible party is null, it bundles them into one business request as per the fall-back assignee.
The possible decisions for the business requests are generally set as certify, disable or delete. However, these decisions are configurable.
Pre-requisite for recertification policies, audit compilation and fulfilment of business requests.
Create a Management Role Validity Type Recertification Policy
Log in to the EmpowerID web application as an auditor or other person with the ability to configure audits.
On the navbar, expand Compliance and select Recertification.
On the Recertification page, select the Recertification Policies tab.
Then click + icon to create a new Recertification Policy
The policy details page opens up.
Select policy type as ‘Management Role Validity.’ Enter any name, display name, and description.
Click on Save.
Add the target type “Location” to the policy createdClick on the '+' icon at the bottom of the policy details page to add the target.
The attestation policy target section opens up.
Under the type dropdown, select ‘Location.’
Under the select a location dropdown, search for a location and select it.
Click on Save.
Add the target type “Set Group” to the policy createdClick on the '+' icon at the bottom of the policy details page to add the target.
The attestation policy target section opens up.
Under the type dropdown, select ‘Set Group.’
Type a query name under “enter a query-based collection name”.
Click on Save.
Add the target type “Management Role” to the policy createdClick on the '+' icon at the bottom of the policy details page to add the target
The attestation policy target section opens up.
Under the type dropdown, select ‘Management Role.’
Under the enter a management role name dropdown, please search for a management role and select it.
Click on Save.
Add the target type “Management Role” to the policy createdClick on the '+' icon at the bottom of the policy details page to add the target
The attestation policy target section opens up.
Under the type dropdown, select ‘Management Role Definition.’
Under the enter a management role definition name dropdown, please search for a management role and select it.
Click on Save.
The management role validity type recertification policy type with various target types is created as below.