To display default approval procedures
- Select the Attestation > Basic configuration data > Approval procedures > Predefined category.
The following approval procedures are defined to select the responsible attestors, by default.
|
Procedure Name |
Attestors |
|---|---|
|
AA - Attestor for the role to attest |
Attestor of the organization (department, cost center, location), business role, or IT Shop if assignments of system entitlements or system roles to roles are attested.
For more information, see Using attestation objects to find attestors. |
|
AD - Attestor of recipient's department |
Attestor of the department to which the attestation object is primarily assigned.
For more information, see Using roles of identities to be attested to find attestors. |
|
AL - Attestor for recipient’s location |
Attestor of the location to which the attestation object is primarily assigned.
For more information, see Using roles of identities to be attested to find attestors. |
|
AM - Manager of account's person |
Manager of the identity connected to the user account that is to be attested For more information, see Using persons responsible for attestation objects to find attestors. |
|
AN - Attestor for the system entitlement to attest |
Attestor of the system entitlement or system role if assignments of system entitlements or system roles to roles are attested. Attestors are determined through the assigned service item.
For more information, see Using attestation objects to find attestors. |
|
AO - Attestor for recipient's primary role |
Attestor of the business role to which the attestation object is primarily assigned. Attestors for business roles must be assigned to the Identity Management | Business roles | Attestors application role. For more information, see Using roles of identities to be attested to find attestors. |
|
AP - Attestor for recipient's cost center |
Attestor of the cost center to which the attestation object is primarily assigned.
For more information, see Using roles of identities to be attested to find attestors. |
|
AR - Attestor for attestation compliance rule |
Attestor for the compliance rule to be attested.
For more information, see Using attestation objects to find attestors. |
|
AS - Approver for attestation policy |
All identities assigned to the attestation policy as approver. For more information, see Using attestation policies to find attestors. |
|
AT - Attestor for the organization to be attested |
Attestor of the organization (department, cost center, location), business role, or IT Shop to be attested.
For more information, see Using attestation objects to find attestors. |
|
AY - Attestor for the company policy to be attested |
Attestor of the company policy to be attested.
For more information, see Using attestation objects to find attestors. |
|
CD - Calculated approval |
- |
|
CM - Manager of the attested identity |
Manager of the identity to be attested. For more information, see Using attestation object managers to find attestors. |
|
CN - Challenge the approval decision |
Identity to be attested. For more information, see Determining attested identity as attestor. |
|
CS - Identity themselves |
Identity to be attested, attests themselves. For more information, see Determining attested identity as attestor. |
|
DM - Manager of recipient's department |
Department manager/deputy if identities of secondary memberships are attested in departments. For more information, see Using attestation object managers to find attestors. |
|
AE - Identity assigned to account |
Identity assigned to the user account to be attested. For more information, see Using identities assigned to user accounts to find attestors. |
|
ED - Department manager for system entitlement attestation |
Identity’s department manager whose system entitlements are to be attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
EM - Identity manager for system entitlement attestation |
Identity’s manager whose system entitlements are to be attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
EN - Target system manager of the system entitlement to attest |
Target system manager of the system entitlements to be attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
EO - Product owner of the system entitlement to attest |
Product owner whose system entitlements or system roles are to be attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
EX - Approvals to be made externally |
- |
|
KA - Product owner and additional owner of the Active Directory Group |
Product owner and additional owner of the Active Directory group, if Active Directory groups or group memberships are attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
LM - Manager of recipient's location |
Location manager/deputy if identities of secondary memberships are attested in locations. For more information, see Using attestation object managers to find attestors. |
|
MD - Department manager of account's person |
Manager of the main department of the identity that is connected to the user account to be attested For more information, see Using persons responsible for attestation objects to find attestors. |
|
MO - Role owner |
Business role manager/deputy if identities of secondary memberships are attested in roles. For more information, see Using attestation object managers to find attestors. |
|
OA - product owner |
All members of the assigned application role if service items, system entitlements or system roles are attested. For more information, see Using product owners to find attestors. |
|
OM - Manager of a specific role |
Manager of the role selected in the approval workflow. For more information, see Using a specified role to find attestors. |
|
OP - Owner of a privileged object |
All identities that can be determined as owners of the privileged request. For more information, see Using owners of a privileged object to find attestors. |
|
OR - Members of a certain role |
All identities that are assigned to a secondary business role. For more information, see Using a specified role to find attestors. |
|
OT - Attestor of assigned service item |
Attestor of the service item assigned to the object to be attested.
For more information, see Determining attestors using the attestation objects' service item. |
|
OW - Product owners of a Microsoft Teams team |
Product owner of the Office 365 group that is assigned to the attestation object. For more information, see Using product owners to find attestors. |
|
PA - Secondary owner of Active Directory group |
All identities to be found through the additional owner of the requested Active Directory group. For more information, see Using additional Active Directory group owners to find attestors. |
|
PM - Manager of recipient's cost center |
Cost center manager/deputy if secondary memberships in cost centers are attested. For more information, see Using attestation object managers to find attestors. |
|
PO - Proposed owner |
Proposed owner of the attestation object For more information, see Using owners of the attestation objects to find attestors. |
|
PW - Owner of the attestation policy |
Owner of the attestation policy to run. For more information, see Determining attestation policy owners. |
|
RE - Manager of system roles to be attested |
System role manager to be attested. For more information, see Using attestation object managers to find attestors. |
|
RM - Role manager for attesting memberships |
Manager of role to be attested if secondary memberships in roles are attested. For more information, see Using attestation object managers to find attestors. |
|
RR - Role manager for attesting roles and role assignments |
Manager of role to be attested. For more information, see Using attestation object managers to find attestors. |
|
SO - Target system manager of the entitlement to attest |
Target system manager of system entitlement or user account to be attested. For more information, see Using persons responsible for attestation objects to find attestors. |
|
WC - Waiting for further approval |
- |
|
XM - Manager of the identity for all attestations |
Manager of the identity that can be determined with the attestation object. For more information, see Using attestation object managers to find attestors. |