what exactly this connector Identity Security Cloud Governance do ? read articles but still confused?
Can it help me reassigning the pending certification to user’s manger’s manager when manager of the user is terminated as it has got reassigment settings
This feature reassigns items only from the identity being disabled.
Regardless of whether the user is a manager or a regular employee, upon termination, the tasks/items owned by the user will be reassigned to their manager. If the manager is terminated, their tasks/items will be reassigned to their manager, and so on.
@YanCoelho hey Yan i tried this as well as i put this account under disable in the terminate lcs and then when i manually terminated the user’s manager (holding certification for review) but still it hasnt forwarded the certification to his manager.
Do you know how can i configure it?
Can you share your LCS configuration?identity state….
what do you mean @YanCoelho LCS transform ? or the lcs state of identity ?
By default, SailPoint will only reassign certifications from a terminated user to their immediate manager, if that manager is active. It won’t automatically move certifications to the manager’s manager if the direct manager is also terminated.
To make certifications go to the manager’s manager, you need to set up a custom workflow. This workflow should detect when a manager is terminated and automatically reassign any pending certifications to their own manager (the next level up). This isn’t available out of the box—you must create the workflow for this scenario.
Check that your user profiles have manager and manager’s manager assigned, and that lifecycle states are updated to “Terminated” when someone leaves.
Refer : Workflow for Re-Assigning Manager when they are getting Terminated - #3 by udayputta
@sita_ram I tried one workflow but not working. any workflow if you could kindly provide for this ?
I don’t have any workflow to provide here. But you can follow this → Need a workflow that forward all pending certifications of a user to his manager’s manager when manager of the user is terminated - #2 by StephenHolinaty
Regarding the ISC Governance Connector: This connector allows ISC itself to be treated as a governed system. It manages ISC’s internal identities as accounts, enabling governance over user levels, roles, and governance groups as entitlements. Essentially, you can apply governance policies and run certifications on ISC’s own users and permissions.
For the certification reassignment issue, the previous responses are correct. By default, ISC only reassigns certifications from a terminated user to their immediate manager, and only if that manager is active. If the direct manager is also terminated, the system doesn’t automatically escalate to the manager’s manager.
To solve this, you need to create a custom workflow that detects when a manager is terminated and reassigns pending certifications to the next hierarchical level. This isn’t out-of-the-box ISC functionality. The workflow should use the “Identity Lifecycle State Changed” trigger to detect terminations and then use certification APIs to perform the reassignment.
The setup requires that identity profiles have the manager hierarchy correctly mapped and that lifecycle states are properly updated when someone is terminated.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
