Adding Recertification Policies to Audits
In EmpowerID, an audit is a user-defined, logically named object for identifying and grouping recertification tasks. After creating an audit, you must add recertification policies to define what access rights you want to audit. When the audit runs, it compiles these policies and generates the appropriate recertification tasks for reviewers. This step is essential for ensuring compliance with organizational policies and regulations.
If you haven't created the necessary recertification policies, see Creating Recerification Policies
Procedure
Step 1: Navigate to the target Audit:
- Go to Compliance → Recertification and click the Audits tab.
- Search for the audit name in the search bar. You need to enter at least three characters to return results.
- Click the audit name to open the View Audit page.
This directs you to the View One page for the audit.
Step 2: Add and Configure a Recertification Policy:
- On the View One page, expand the Recertification Policies accordion and click the plus (+) icon to open the configuration dialog.
- In the Recertification Policy Section do the following:
- Search for the recertifcation policy to be added to the audit.
- (Optional) In the Exclude Any Recertified Within Last X Days field, enter the number of days to exclude recently certified access assignments. Important: This setting only excludes specific access assignments that were certified within your specified timeframe. New access grants will still generate recertification tasks.
- In the Fallback Subject of Business Request to Group By section, search for and select the appropriate fallback assignee who will receive tasks if the primary reviewer is unavailable.
Next Steps
After adding recertification policies to your audit, the system will automatically generate recertification tasks based on these policies when the audit runs. Task owners will receive notifications to review and certify access rights.