User based review
If you have already imported data from the applications that need to be a part of your review, then you are ready to configure the UAR. To configure a "User Access" focused review, follow the steps below.
1 Create new certification
- From the Webconsole to go to
Access control -> Access certification. - Click on "New Access Certification" from the side menu which will render the screen below.
Complete this form using the information described below.
| Field name | Required? | Description |
|---|---|---|
| Access Certification name | Y | Provide a descriptive name to uniquely identify your campaign. |
| Type of certification | Y | Determines if this is a user or application + entitlement based review. In this case, select User |
| Status | Y | Indicates if the campaign is active or not. If the status is In-active, then you will not be able to execute it. |
| Scheduled interval | N | Allows you to automatically run the campaign at regular intervals such as Annually, Semi-annually and quarterly |
| Reference start date | N | If the campaign is to be run at regular intervals, then the reference start date is used to determine when the next iteration should be. |
| Email template | N | Email template which should be used for notifications. |
| Description | N | Summary which describes the goals of this campaign. |
| Manager of access review | N | Manager of access review or the UAR manager is a person who will be overseeing the execution of the campaign. This will person will have access to the UAR campaign dashboard, reports as well as the ability to delegate requests. The UAR manager is different from a manager who is participating as a reviewer in a campaign. |
Click on Next after completing the form as shown in the example below. This will save the UAR configuration and open up additional tabs to complete the certification.
2 Types of reviewer
- User manager - supervisor of any type;
- Organization certifier - if target user is a member of organization and that organization has specified certifier (user);
- Select reviewer - particular user can be selected;
- Group - group of users;
- User review their own access - target user review own access; self-review;
- Service account owner (comes in v 4.2.1) - if target user is a related account then review will be done by primary user. see more in Related Accounts