User based review
If you have already imported data from the applications that need to be part of your review, then you are ready to configure the UAR. To configure a User Access-focused review, follow the steps below.
Creating a new certification
- Log in to the webconsole and go to Access control > Access certification.
- Click on New Access Certification in the side menu and it will render the screen below.
Complete the rendered form using the information from the table below.
Field name | Required? | Description |
---|---|---|
Access Certification name | Y | Provide a descriptive name to uniquely identify your campaign. |
Type of certification | Y | Determines if this is a user or application + entitlement-based review. In this case, select User. |
Status | Y | Indicates if the campaign is active or not. If the status is Inactive, then you will not be able to execute it. |
Scheduled interval | N | Allows you to automatically run the campaign at regular intervals such as annually, semi-annually, and quarterly. |
Reference start date | N | If the campaign is to be run at regular intervals, then the reference start date is used to determine when the next iteration should be. |
Email template | N | Email template that should be used for notifications. |
Description | N | Summary describing the goals of this campaign. |
Manager of access review | N | Manager of access review, or the UAR manager, is a person who will be overseeing the execution of the campaign. This person will have access to the UAR campaign dashboard and reports, as well as the ability to delegate requests. The UAR manager is different from a manager who is participating as a reviewer in a campaign. |
Click Next after completing the form as shown in the example below. This will save the UAR configuration and open up additional tabs to complete the certification.
Types of reviewers
There are several types of reviewers that can be configured for a campaign. You can have only 1 manager in the review; however, if needed, you can add other types of reviewers. The types of reviewers are defined below.
- User manager is a supervisor of any type.
- Organization certifier. If the target user is a member of an organization and that organization has a specified certifier (user).
- Select reviewer allows choosing a particular user for the review.
- Group. A group of users can be reviewers.
- User reviews their own access allows a target user to review their own access, meaning to do a self-review.
- Service account owner. If the target user is a related account, then the review will be done by the primary user. See more in the Related Accounts section.
Please note that the dates configured in the Reviewers section account for calendar days.