Certification Schedules

Periodic certifications are scheduled to run on a recurring basis, such as daily, weekly, monthly, quarterly, or annually. These periodic access reviews provide a snapshot view of the identities, roles, and account groups within your enterprise. Periodic certifications focus on the frequency at which entire entities (identities, roles, or account groups) must be certified.

A periodic certification is considered complete when all the access reviews contained within the certification have been completed. The access reviews that make up the certification, in turn, are considered complete when all items, such as roles, entitlements, violations, and application objects, have been acted upon, and those decisions are confirmed by the user to whom that access review was assigned.

Periodic certifications can be created using a multi-level sign-off structure, to allow multiple certifiers to review the access before the review is considered complete.

Certifications can be configured to run based on "trigger" events that occur within IdentityIQ. For example, you can configure IdentityIQ to automatically generate a certification any time an identity's manager changes. You can also configure the events that trigger the certifications to meet the needs of your enterprise. See Certification Events for more information.

One-off certifications can be created from the Identity Risk Score, Identity Search Results, or Policy Violation pages. These one-off access reviews can be run for a single identity, or for multiple identities at once. One-off certifications are most often used in special situations, such as when an access review is required outside of the normal certification cycle. You can also schedule standard IdentityIQ certifications to run on a one-off basis.