29.1 Understanding Certification Policies

Identity Governance enables organizations to easily manage multiple compliance processes as a cohesive certification policy. For example, if you are required to review all access to applications that process data related to SOX, you can create a certification policy that could include all related reviews, set a validity period for the policy, and then periodically view all SOX-related violations or search for a specific violation related to user access, account access, permissions, or business or technical role memberships. Specifically, a certification policy can enable organizations to:

  • Consolidate reporting and audit queries

  • Schedule when certification policy calculation will occur

  • Calculate violations and determine compliance status

  • Detect items that should be reviewed based on change events since the previous review run. Change events could include changes to the catalog, risk levels, or review definitions.

  • View the status of all access review processes included in the policy

  • Get a more comprehensive governance risk overview when risk levels have been configured, and weight and range have been set for the risk factors related to certification policy violations