Removal of indirect assigned entittlements

Idea ID 2779728

Removal of indirect assigned entittlements

0 Votes
A challenge with the re-certification process is to determine which application IdM or Identity Governance has the authority? Or who has the authority IT that builds the role model in IdM or the business, the auditors, the management and IT-Security that reviews the rights according to business risks and internal and/or external regulations?

Today it is not possible in IdM to remove an entitlement that has been granted indirectly through a role. On the other hand, if the business, auditors, management or IT-security during a review removes such a right even IdM has to obey.

The problem occurs when a reviewer removes an entitlement in Identity Governance, the entitlement will not be removed by IdM if the entitlement is a part of a role in IdM even though the Identity Governance/IdM integration has been setup.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.