Automation of Governance Groups Management

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Hello everyone,

I am looking for information on how to automate the management of Governance Groups (GG) in SailPoint ISC, specifically based on the “department” attribute of identities. Here are the specific scenarios I would like to address:

  1. Creation of a GG: Automatically create a Governance Group whenever a new Department (Identity attribute) is added in ISC.
  2. Update of a GG: Update the Governance Group when a new Identity joins or leaves the company, reflecting changes in their LifeCycle state. Specifically, I would like to add a new Identity to the GG when they join, and remove a leaver if they are currently part of the GG.
  3. Deletion of a GG: Automatically delete a Governance Group when its associated Department no longer exists in ISC.

Questions:

  • Is it possible to automate the creation and management of Governance Groups based on the “department” attribute of identities?
  • Can each Governance Group be kept updated automatically by adding or removing Identities as necessary?

I appreciate any insights or guidance on this topic!

Thank you!

2

This you can do by leveraging the ISC connector which manages GG and Access as the entitlements . you can create a role and based on assignment cretia GG can be assigned.

3

You can use the custom workflow to be trigged on sceduled basis to perform this operation

4

You can use the custom workflow to be trigged on sceduled basis to perform this operation

5

Thanks for your answer, but I don’t see any field in the creaton of Governance Group that allow me to assign a governance group based on role attribute

6

I have similar requirement. Can you please help me on this.

How can we add entitlement membership to the governance group