Chat now with support
Chat with Support

Identity Manager 8.0 - Attestation Administration Guide

Attestation and Recertification
One Identity Manager Users for Attestation Attestation Base Data Attestation Policies Creating Custom Mail Templates for Notifications
Approval Processes for Attestation Cases
Approval Policies Approval Workflows Selecting Attestors Setting up Multi-Factor Authentication for Attestation Prevent Attestation by Employee Awaiting Attestation Managing Attestation Cases
Attestation Sequence Default Attestation and Withdrawal of Entitlements User Attestation and Recertification Mitigating Controls Configuration Parameters for Attestation

Validity Check

Validity Check

Once you have edited an approval policy you need to test it. This checks whether the approval steps can be used in the approval workflows in this combination. Non-valid approval steps are displayed in the error window.

To test an approval policy

  1. Select the category Attestation | Basic configuration data | Approval policies.
  2. Select the approval policy in the result list.
  3. Select Validity check in the task view.

Approval Workflows

Approval Workflows

You need to allocate an approval workflow to the approval policies in order to find the attestors. In an approval workflow, you specify the approval procedures, the number of attestors and a condition for selecting the attestors. Use the workflow editor to create and edit approval workflows.

To edit an approval workflow

  1. Select the category Attestation | Basic configuration data | Approval workflows.
  2. Select the approval workflow in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

    This opens the Workflow Editor.

  3. Edit the approval workflow master data.
  4. Save the changes.

Working with the Workflow Editor

Use the workflow editor to create and edit approval workflows. The workflow editor allows approval levels to be linked together. Multi-step approval processes are clearly displayed in a graphical form.

Figure 1: Workflow Editor

Approval levels and approval steps belonging to the approval workflow are edited in the workflow editor using special control elements. The workflow editor contains a toolbox. The toolbox methods are activated or deactivated depending on how they apply to the control element. You can move the layout position of the control elements in the workflow editor with the mouse.

Each of the elements has a properties window for editing the approval workflow, level or step data. Use Toolbox | <Element> | Edit... to open the properties window.

To delete a control, mark it and run Toolbox | <Element> | Edit...

Individual elements are linked to each other with a connector. Activate the connection points with the mouse. The mouse cursor changes into an arrow icon for this. Hold down the left mouse button and pull a connector from one connection point to the next.

Figure 2: Approval Workflow Connectors

Table 21: Approval Workflow Connectors
Connector Meaning
Approval Link to next approval level if the current approval level was granted approval.
Deny Link to next approval level if the current approval level was not granted approval.
Reroute Link to another approval level to by-pass the current approval.
Escalation Connection to another approval level when the current approval level is escalated after timing out.

By default, a connection between workflow elements and level elements is created immediately when a new element is added. If you want to change the level hierarchy, drag a new connector to another level element.

Alternatively, you can release connectors between level elements using Toolbox | Assignments. To do this, mark the level element where the connector starts. Then add a new connector.

Different icons are displayed on the level elements depending on the configuration of the approval steps.

Table 22: Icons on the Level Elements
Icon Meaning
The approval decision is made by the system.
The approval decision is made manually.
The approval step contains a reminder function.
The approval step contains a timeout.

Changes to individual elements in the workflow do not take place until the entire approval workflow is saved. The layout position in the workflow editor is saved in addition to the approval policies.

Setting Up Approval Workflows

Setting Up Approval Workflows

An approval workflow consists of one or more approval levels. An approval level can contain one approval step or several parallel approval steps. All the approval steps in the attestation procedure for one approval level have to be executed before the next approval level can be called upon. Use connectors to set up the sequence of approval levels in the approval workflow.

When you add a new approval workflow, the first thing to be created is a new workflow element.

To edit approval level properties

  1. Open the Workflow Editor.
  2. Select Toolbox | Workflow | Edit....
  3. Edit the workflow properties.
  4. Click OK.
Table 23: Approval Workflow Properties
Property Meaning
Name Approval workflow name.

System abort (days)

Number of days to elapse after which the approval workflow, and therefore the system automatically ends the entire attestation procedure.

Description Spare text box for additional explanation.
Detailed information about this topic
Related Documents