Business Roles in Identity Governance allow for Approval Policies to bet set up so that when an addition or change is made, a designated reviewer must re-approve the policy. We would also like to see functionality that allows for periodic reviews of Business Roles that have not changed, similar to how a User Access review is conducted. This will allow for periodic validation of existing business roles, which is a requirement for us by internal audit.

Additionally, this functionality could be extended to Technical Roles to allow for validation of individual permissions that make up a Technical Role.

Comments

  • It is required to be able to control and monitor effectively the business roles