Introduction to Certifications and Access Reviews
IdentityIQ™ helps you manage compliance by providing an automated way for designated reviewers to view and confirm or remove other users' access privileges, through a process called certification. IdentityIQ also lets you certify the contents and membership of roles and groups. Certifications like this are the central focus of compliance activities in an identity and access management program.
IdentityIQ uses certifications (also called certification "campaigns") and access reviews to examine and manage this user access.
In IdentityIQ, the term "certification" or "certification campaign" refers to an overall campaign to review access for a selected set of users – that is, to create and then complete a set of access reviews. The certification campaign is usually the responsibility of a high-level authority on access, such as a compliance officer, administrator, or manager.
A certification defines what is being reviewed and for which users, who the reviewers will be, what the timeline for the reviews is, and other details. For example, a company's compliance officer may set up a quarterly certification campaign to review and certify all the sensitive financial systems that people in the Accounting department have access to, and require each manager in the Accounting department to perform the access review for all the members of his or her team.
In the access review part of a certification, someone who is an authority of some sort – such as a people manager, or someone responsible for an application like a Human Resources system or a financial database – reviews the access that other users have, verifies whether or not it is correct and appropriate, and makes any necessary corrections by revoking inappropriate access.
A certification campaign typically consists of multiple access reviews – for example, a Manager certification can create an individual access review for each department manager, so you have a single certification campaign that consists of a number of access reviews done by different people.