Certifications allow designated people, such as managers or system owners, to review users’ access to your enterprise systems and data. Certifiers determine whether the access is appropriate for those users or should be revoked.
Certifications improve your data security by reducing inappropriate access and helping you satisfy audit and regulatory requirements.
Each set of reviews is called a certification campaign. Each assigned review is called a certification.
The certification process includes these actions.
A Certification Admin or Org Admin defines the certification campaign requirements through a Search query or a Campaign Filter. They then generate and start the campaign.
Not all access data is certifiable access. Some access is controlled automatically by your defined access model.
Certifiers review their assigned certifications, approve or revoke access, and sign off on their decisions. Refer to Working with certifications in the user help for more details.
IdentityNow remediates the revoked access.
An administrator completes the campaign.