Background
Non-Employee Risk Management Sources in Identity Security Cloud will now support filtering profiles for aggregation based the profiles’ status in NERM.
Problem
Prior to this enablement, Non-Employee Risk Management sources in ISC that are configured to use the SailPoint Non-Employee Risk Management connector would aggregate all profiles of a given type, regardless of status. This caused problems for customers who did not want to aggregate Inactive Non-Employee or Assignment profiles into ISC for governance.
Solution
- We are introducing a new setting on the Non-Employee Source configuration in ISC: NERM Account Aggregation Filter by Status. This setting is a dropdown with two options:
- All - Profile statuses to be aggregated: Active, On Leave, Inactive, Terminated
- Active - Profile statuses to be aggregated: Active, On Leave*
* Note: this is consistent with the display of profiles in NERM, where On Leave profiles are included under the “Active” status in tables
- This setting will be available on all Sources using the SailPoint Non-Employee Risk Management connector
- This includes Sources configured prior to April 2025, which were manually configured via ISC to aggregate a single Profile Type
- This includes Sources configured since April 2025 which use the Identity Security Cloud Connection Settings configuration in NERM
- The default selection for this setting will be All
- This is consistent with the current approach wherein profile of all statuses are aggregated by the Source.
- Changing the setting to Active will update the accounts to only reflect Active Profiles on the next aggregation
Dates
This new setting will be available on Non-Employee Risk Management Sources in Identity Security Cloud during the week of:
June 16, 2025.