Which IIQ version are you inquiring about?
8.3
Share all details about your problem, including any error messages you may have received.
Hi,
I am currently trying to set up some Role SoD policies that has some expected exceptions. Due to this, we want certain people to be able to request those exceptions and then send the exceptions(/policy violations) for approval to a specific person/team. This should happen in a preventive (during the request) way, and not in a detective way.
I’m new to the policies & approvals in IIQ, so I’m looking for some guidance on this issue.
I have enabled the following settings under Compliance Manager:
I expected this to allow someone to submit the violation as an exception with a specific time frame and a reason during the access request. However this doesn’t seem to trigger, as the user can’t select a timeframe & no violation item is created for approval either.
I’ve also changed the following settings on my LCM Provisioning workflow:
policyScheme=interactive
allowRequestsWithViolations=true
requireViolationReviewComments=true
These settings allow the requester to perform the access request through the UI and gets notified that there are violations. He does not receive the pop-up to select a duration of the violation and there is also no policy violation item created for an approver to allow/deny the violation.
Any guidance on how to trigger the exception duration pop-up and ensure a policy violation item is created would be greatly appreciated.
Kind regards,
Jonas