Application roles for attestation
NOTE: This application role is available if the Attestation Module is installed.
The following application roles are available for managing attestation procedures:
Table 4: Application roles for attestation
|
Administrators
|
Administrators are assigned to the Identity & Access Governance | Attestation | Administrators application role.
Users with this application role:
- Define attestation procedures and attestation policies.
- Create approval policies and approval workflows.
- Specify which approval procedure to use to find attestors.
- Set up attestation case notifications.
- Configure attestation schedules.
- Enter mitigating controls.
- Create and edit risk index functions.
- Monitor attestation cases.
|
| Chief approval team |
The chief approver must be assigned to the Identity & Access Governance | Attestation | Chief approval team application role.
Users with this application role:
- Approve using attestation cases.
- Assign attestation cases to other attestors.
|
|
Attestors for external users |
Attestors for external users must be assigned to the Identity & Access Governance | Attestation | Attestors for external users application role.
Users with this application role:
|
NOTE: Attestors in charge are determined through approval procedures. Other application roles may be applied here. Application roles for attestors are defined in different module and are available if the Attestation Module is installed.
Application roles for subscribable reports
NOTE: This application role is available if the module Report Subscription Module is installed.
The following application role is available for managing subscribable reports:
Table 5: Application roles for subscribable reports
|
Administrators
|
Administrators must be assigned to the Identity & Access Governance | Company policies | Report Subscriptions application role.
Users with this application role:
- Create subscribable reports from existing reports.
- Configure report parameters for subscribable reports.
- Assign subscribable reports to employees, company structures or IT Shop shelves.
- Create custom mail templates for sending subscribed reports by email.
|
Management level
The user must be assigned to the Identity Management | Management level application role.
Users with this application role:
- Can view reports and statistics for management levels in the Web Portal.
Application roles for business roles
NOTE: This application role is available if the Business Roles Module is installed.
The following application roles are available for the administration of business roles:
Table 6: Application roles for business roles
|
Administrators
|
Administrators must be assigned to the Identity Management | Business roles | Administrators application role.
Users with this application role:
- Create and edit business roles.
- Assign company resources to business roles.
- Administrate application roles for role approvers, role approvers (IT), and attestors.
- Set up other application roles as required.
|
|
Attestors
|
Attestors must be assigned to the Identity Management | Business roles | Attestors application role or a child application role.
Users with this application role:
- Attest correct assignment of company resource to business roles for which they are responsible.
- Can view master data for these business roles but not edit them.
NOTE: This application role is available if the module Attestation Module is installed. |
|
Role approver
|
Approvers must be assigned to the Identity Management | Business roles | Role approvers application role or a child application role.
Users with this application role:
- Are approvers for the IT Shop.
- Approve requests from business roles for which they are responsible.
|
|
Role approver (IT)
|
IT role approvers must be assigned to the Identity Management | Business roles | Role approvers (IT) application role or a child application role.
Users with this application role:
- Are IT role approvers for the IT Shop.
- Approve requests from business roles for which they are responsible.
|
