Skip to main content

Overview of Escalation Policies

Business Request escalations enable automated handling of approval steps that remain pending beyond defined time limits. When approvers do not act within specified timeframes, escalation policies trigger actions such as sending reminder notifications, adding additional approvers, or automatically closing pending steps.

Escalation policies ensure that access requests do not stall indefinitely in approval queues. Organizations configure these policies to maintain approval SLAs and ensure timely processing of access requests.

Example Escalation Sequence

Consider an approval flow with escalating actions over time:

  • Notify the potential approver after one day
  • Add an additional assignee after two days
  • Auto-close the step with an "approved" status after three days

This progressive escalation ensures that approval tasks receive attention while preventing indefinite delays.

info

For step-by-step instructions on creating and configuring escalation policies, see Create Escalation Policies.

Key Components

Escalation Policy

An Approval Escalation Policy defines the rules and actions for handling overdue approval steps. Each policy specifies:

  • Which actions to execute
  • When to execute them (after how many days)
  • The sequence in which multiple actions occur

Once created, an escalation policy can be applied to multiple approval steps, enabling consistent escalation behavior across different approval workflows.

Default Escalation Policy

If no specific escalation policy is configured for an approval step, EmpowerID applies a default escalation policy with the following actions:

  1. Notify Potential Approver — After 3 days of inactivity, send a reminder notification to the assigned approver
  2. Notify Potential Approver Again — After 7 days of inactivity, send a second reminder notification
  3. Notify Target Person's Manager — After 15 days of inactivity, escalate to the manager of the person receiving access

Escalation Actions

Escalation actions define what happens when the time threshold is reached. Each policy can include multiple actions that execute in sequence as time passes.

Action Types

EmpowerID supports the following escalation action types:

Notify

Triggers the notification system to send an alert to specified participants. Notification recipients can include:

  • Potential approvers (assigned to the step)
  • Approver managers
  • Initiator (person who submitted the request)
  • Target person manager (manager of the person receiving access)

Notifications use configured email templates and follow notification preferences for each recipient.

AddAssignee

Assigns an additional approver to the pending step. Organizations can configure this action to add:

  • Business Role and Location
  • Group
  • Management Role
  • Management Role Definition
  • Person
  • Set Group

Adding assignees expands the pool of people who can approve the request, increasing the likelihood of timely action.

ReplaceAssignees

Replaces the current assignees with new approvers. This action uses the same assignee selection options as AddAssignee, allowing organizations to specify:

  • Business Role and Location
  • Group
  • Management Role
  • Management Role Definition
  • Person
  • Set Group

ReplaceAssignees completely changes the approval responsibility rather than expanding it.

AutoCloseStep

Automatically closes the approval step with a specified decision after the configured time period. Organizations configure which approval decision to apply when the step auto-closes.

Auto-close actions ensure that approval flows do not stall indefinitely. Organizations typically configure auto-close with approval decisions for routine, low-risk requests.

AutoCloseItem

Closes the entire Business Request Item with a specified status. Available status options include:

  • Approve
  • Certify
  • Convert to JIT
  • Delete
  • Disable
  • Do Nothing
  • Revoke

This action terminates the approval process for the item without requiring further approver action. Any remaining open approval steps are marked as skipped.

AddPotentialApproverManagers

Adds the managers of current potential approvers as additional approvers to the pending step. This escalates approval requests up the management chain when initial approvers do not respond within the specified timeframe.

RunWorkflow

Executes a custom workflow as the escalation action. This allows organizations to implement specialized escalation logic beyond the standard action types, such as triggering notifications to external systems or executing complex approval routing changes.

Action Timing

The Escalate After X Days setting determines when each action executes. The countdown operates as follows:

  • For the first escalation action, days are counted from when the approval step becomes pending
  • For subsequent actions, days are counted from when the previous escalation action executed

This cumulative timing enables progressive escalation strategies that start with gentle reminders and progress to more assertive interventions.

Action Order

Actions execute in the order defined by their Action Order ID. When multiple actions are configured for a policy, they execute sequentially as their time thresholds are reached.

Auto Close Terminates Subsequent Actions

Actions configured after an Auto Close Step or Auto Close Item action will not execute, as the step or item is already closed.

Example:

  • Action 1: Notify approver (Day 1) ✅ Executes
  • Action 2: Auto Close Step (Day 3) ✅ Executes and closes step
  • Action 3: Add Assignee (Day 5) ❌ Never executes because step is already closed

Configure action order carefully to ensure intended behavior. Place Auto Close actions last in the sequence.

Background Job

The Business Request Status, Approvers, and Escalation Refresher job processes escalation policies. This background job runs on a scheduled interval and performs the following tasks:

  1. Scan for overdue escalations — Identifies approval steps that have exceeded configured escalation timeframes
  2. Add to escalation inbox — Places overdue escalations in the BusinessRequestEscalationInbox for processing
  3. Determine next actions — Evaluates Action Order ID to determine if subsequent escalation actions should begin
  4. Execute escalation actions — Processes inbox entries and triggers configured actions (notifications, adding assignees, auto-closing)

The escalation processing logic is encapsulated in the Custom_BusinessRequest_RefreshEscalations database procedure.

Technical Implementation

Policy Assignment

Escalation policies are assigned at two levels:

ApprovalFlowPolicyStep Level

The policy applies to a specific step within a specific Approval Policy. This enables different escalation behavior for the same step type in different approval contexts.

ApprovalFlowStep Level

The policy applies globally to an Approval Step regardless of which Approval Policy uses it. This enables consistent escalation behavior when the same step appears in multiple policies.

Escalation Inbox Processing

When the background job identifies an overdue escalation, it creates an entry in the BusinessRequestEscalationInbox table. This inbox serves as a processing queue, ensuring that escalation actions execute reliably and can be audited.

The job processes inbox entries by:

  1. Retrieving the escalation policy and action configuration
  2. Executing the specified action type (Notify, Add Assignee, Auto Close)
  3. Recording the execution timestamp
  4. Determining whether the next action in the sequence should be scheduled

This queue-based architecture ensures that escalations process reliably even under high load and provides a complete audit trail of escalation activity.