Audit is wanting us to leverage Sailpoint Certifications in order to review groups and their entitlements.
Example:
Application 1 has groups
Group 1
Group 2
Each group has entitlements
Group 1: Read, Write
Group 2: Read, Modify
Audit would like us to create a certification where the app owners certify what entitlement each group has.
Was thinking I could create a source(delimited) and create identities for each group. Then we could do certifications on each group through a normal identity certification.
Does this run into license issues?
Is there a better way to do this?
Your application is represented by sources ? What this type of your sources ?
Do you have many groups ? what are the maximum entitlement in your group ?
By default in certification you have a possibily to includes only : entitlement, access profile or roles.
When looking in the certifications it states that the view is for roles, access profiles or entitlements from the identities that have them. I’m not trying to review the identity. I want to try to get something like the role composition review but would like to avoid having to manually manage each of the roles.