Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Supervisor Certification of Access

Go to solution
yodeler
New Contributor II
New Contributor II

‎08/18/2023 06:24 AM

We are looking into a way that a new supervisor could certify the access an existing person has when a person moves into a new business unit within the company. 

We considered resetting to birthright, but that would be too disruptive. What we would like to do is trigger an access review campaign or something like it to to require the new supervisor to acknowledge that he has reviewed the person's access when a user is moved into a different business unit.

One issue is that the supervisor in most all cases would not be the role approver or the role owner of these access. We merely want the supervisor to be forced to look at existing access of a user and acknowledge that he reviewed the access. Does not need to trigger removals or anything like that necessarily, but it would be nice

Does anyone have ideas on how this could be accomplished?

0 Kudos
3 REPLIES 3

Go to solution
dgandhi
All-Star
All-Star

‎08/18/2023 08:16 AM

Basically you are talking about mover scenario.

You can generate access review based on User update rule, in the campaign configuration, disable the config for revoking access on locking / expiry.

Below document for detail explanantion:

https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter15-Campaigns-and-Certificati...

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.
0 Kudos

Go to solution
yodeler
New Contributor II
New Contributor II
In response to dgandhi

‎08/18/2023 08:24 AM

@dgandhi yes, that's basically what I'm sort of after - the mover situation. What I was trying to avoid is creating a single campaign for each individual user update. This method could potentially work, but I'd like to figure out if there's a way we could batch them all together and say have a campaign that runs once a week that includes that previous week's moves. Instead of triggering off of user update, maybe we could run on a schedule and query for the recent moves instead? Is that feasilbe?

0 Kudos

Go to solution
dgandhi
All-Star
All-Star
In response to yodeler

‎08/18/2023 08:31 AM

You can schedule it once in a week with this approach. Just run below job once in a week.

Go to Admin >Job Control Panel>Attestation and schedule LAUNCHCERTIFICATIONFROMRULEJOB to launch campaign for all the users modified and matching the rule.

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.
Copyright © 2024 Khoros, LLC