Certification process
Certification is the process of reviewing user roles, accounts, and entitlements and asserting its validity.
Certification is required for applications and systems across all operating companies. Managers and application owners of certifiable applications, roles, and entitlements are required to review access for direct reports.
Use Case
Certification Process - User Transfer
Use Case | Certification Process - User Transfer |
---|---|
Brief Description | Certification definitions are named sets of parameters configured in the IDM System Admin console to schedule certification review tasks for users, user groups, roles, entitlements, and accounts. Certification jobs are created and scheduled to run the certification definitions. Catalog items can be marked as Certifiable under the Detailed Information section for the catalog item by IDM Administrators during the Application Onboarding process. Users are selected as the Certifier for catalog items (Roles, Entitlements, and Accounts) during the Application Onboarding process, or through the certification definition selected under the primary reviewer. |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Process Flow Steps of certification on user transfer
|
Certification Process - Inbox Management
Use Case | Certification Process - Inbox Management |
---|---|
Brief Description | The certification process can be performed through self-service via the Inbox management process and performed multiple tasks within. |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Inbox Management:
|
Certify Certification Task
Use Case | Certify Certification Task |
---|---|
Brief Description | Tasks can have multiple actions that can be performed. Certifying is one of them |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Certify Task:
|
Revoke Certification Task
Use Case | Revoke Certification Task |
---|---|
Brief Description | Tasks can have multiple actions that can be performed. Revoking is one of them |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Revoke Task:
|
Reassign Certification Task
Use Case | Reassign Certification Task |
---|---|
Brief Description | Tasks can have multiple actions that can be performed. Reassigning is one of them |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Re-assign Task:
|
Certification Task Expired
Use Case | Certification Task Expired |
---|---|
Brief Description | When the certification task is not performed for a certain time period, the task is expired. |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | Expired Task:
|
Certification and Policy Administration
Use Case | Certification and Policy Administration |
---|---|
Brief Description | The Management Console allows IDM Administrators and Power Users to create, define, and configure rules for certification of applications, roles, accounts, and entitlements. |
Actors |
|
Trigger Events |
|
Preconditions |
|
Post-Conditions | Success
Fail
|
Basic Flow | The basic idea is explained as follows:
|
Process Flow Diagram
The below diagram shows the process activities of certification user transfer
The below diagram shows the process activities of certification triggered after the scheduled job