We want to move away from Roles (business and IT). Ideally, to create groups/entitlements under Active Directory and still be certified in the Manager Certification. However, we have about 5000+ groups/entitlements in our AD. We only want to certify about 100 of them out of 5000 in AD. We would like to incorporate these 100 AD entitlements in our existing quarterly Manager Certification. Is there a way to achieve that without starting a new certification campaign (too many different certs caused end user fatigue)? We thought about to add classification to the 100 AD entitlements, but Manager Certification template does not take classification. Please advise.