Behavior

Input the number of selected items which require additional confirmation for bulk revocations.

Select to display a pop-up window when an access review is complete and ready for sign off.

Select to require that, by default, all certifications require an electronic signature.

Require that, by default, all subordinate access reviews be completed before the parent access review can be completed.

Automatically sign off the certification when assignee has nothing to certify.

Suppress notification of certification when assignee has nothing to certify.

Require that, by default, all reassigned access review items be completed before the parent access review can be completed.

Specify that, by default, the content of reassigned access reviews be returned to the parent access review upon sign off.
Use this option to ensure that the original content of an access review request is preserved for tracking and reporting purposes.

Note: This item is not available if the Required Reassignment Completion or the Return Reassignments to Original Access Review options are selected.

Specify that an access review be automatically signed off on when all items in that access review are reassigned.

Require that all certifiers enter comments for each item they approve in an access review request.

Require certifier to include comments when a certification decision is made.

Require certifier to include comments when a certification decision is made.

Select to require that all access review approvers review the decision made on any user, role, entitlement, or policy violation that they delegated to another approver before they can complete the access review containing that delegation.

Select to require that all items in a delegation work item have a decision associated with them before the work item can be marked as complete. This setting is only configurable at the system setup level. Individuals cannot change the value of this setting for a single certification.

Select to disallow the forwarding of a work item that a different user delegated.

Choose which users may self-certify – that is, be the certifier for their own access, either by forwarding or reassigning an access review: All certifiers, Certification and System Administrators, System Administrators only.

For users that are not allowed to self-certify, this is the identity or workgroup that will receive any items that would require a self-certification – that is, when the reviewer and the user whose access is under review are the same person. If a Self Certification Violation Owner is not specified, any items that require self-certification will be read-only to the reviewer.

The limit reassignment feature allows you to limit the number of times the users within the certification campaign can reassign a certificatation item.

Note: Certification is not forwarded or reassigned when the reassignment limit is reached.

Set the number of reassignments allowed.

Set the global default to show classification data in certification access reviews. Classifications can be shown in Manager, Application Owner, Advanced, Role Membership, and Targeted certifications. This setting also determines whether classification information is shown in Separation of Duties (SOD) policy violations, in the dialog for correcting violations by revoking access.