This article explains how SoftwareIDM’s Identity Panel Suite automatically generates User Entitlement Review (UER) campaigns by organizing users based on their access to applications, entitlements, approval workflows, and exclusion rules. This streamlines access governance and simplifies compliance audits.
Automatic Campaign Generation Based on Access
The Identity Panel Suite uses its Access Panel to create UER campaigns automatically. These campaigns are not manually assembled—instead, they rely on real-time access data derived from identity records. The system evaluates users’ application assignments, including their specific entitlements (such as roles or group memberships), and uses this information to generate meaningful review sets.
This method ensures each campaign is accurately scoped, making it easier for reviewers to focus on users with relevant access and reduce false positives.
Key Elements That Influence Grouping
When the system builds UER campaigns, it evaluates the following components:
-
Assigned Applications: Users are grouped by which applications they can access, such as Salesforce, Workday, or Active Directory.
-
Entitlements: These are specific permissions within applications, like admin roles or department-specific data access. The platform uses entitlement metadata to refine user groupings.
-
Approval Workflows: The system respects predefined workflows that determine who can review or approve access changes. This ensures accountability and consistency.
-
Default Access Exclusions: If certain accounts (e.g., service or test accounts) are excluded from reviews by policy, those exclusions are enforced automatically.
This data-driven approach helps maintain accurate reviews while reducing the administrative burden of manual campaign setup.
Comments
0 comments
Article is closed for comments.