Best practice to create account certification for connected source in Identity Now/ Identity Security Cloud. Need to consider both correlated and uncorrelated accounts from the source.
In Identity Now/Identity Security Cloud we don’t see account certification using OOTB features. Can anyone suggest how are they doing account level certifications for the connected source in your INOW/ISC tenants.
Certifications in SailPoint ISC are typically performed at the identity level, which applies to correlated downstream application accounts. You can leverage either built-in certification campaigns like Manager or Source owner (or) you can use the search-based certifications to review entitlements and account access for these users.
For uncorrelated accounts, SailPoint provides an out-of-the-box Uncorrelated Account Certification option that can be initiated directly from the search interface. This allows you to identify and certify accounts that aren’t linked to any identity, helping maintain governance across all account types.
I have tried uncorrelated account certification in the Identity Now but we can only review the access items(Entitlements,AccessProfiles) but we can’t certify the account directly. In other available certifications also we can only review the access items but not accounts. In Sailpoint IIQ we can review the accounts,when reviewer revokes we would either disable/delete the account based on the application specific requirement. I wanted to do account level certification in Identity Now but don’t see any OOTB certifications related to accounts review.