Taskboards - Reviews
The Reviews page (System Configuration > Taskboards > Reviews) allows you to define Permission Assist settings that affect the Review Items taskboard. You can also define corrective control policies for access requests. Settings in this area affect all access requests in all reviews and personnel events.
Option |
Description |
---|---|
Reassign Identity |
Allows you to determine who is able to reassign identities within the review using the Reassign Identity option. By default, this field is set to "Everyone" meaning all Permission Assist users are able to reassign identities if needed. To restrict access to this option:
|
Reassign Review Supervisor |
Allows you to determine who is able to reassign supervisors within the review using the Reassign Supervisor option. By default, this field is set to "Everyone" meaning all Permission Assist users are able to reassign supervisors if needed. To restrict access to this option:
|
Add Reviewer |
Allows you to determine who is able to invite someone into the review to comment on or take action on review items as a specific role. For example, if a supervisor normally reviews their direct reports, but they would like to invite their department manager or application owner to comment on or review a specific item, they can add a reviewer to the review item so that person can take action as needed. By default, this field is set to "Everyone" meaning all Permission Assist users are able to add reviewers to review items. To restrict access to this option:
|
View Risk Ratings |
Allows you to determine who is able to see the risk ratings assigned to each privilege. By default, this field is set to "Nobody" meaning risk ratings will not be displayed to anyone. To change this setting:
|
View Pre-Approved Review Items |
Allows you to determine whether reviewers are able to see pre-approved items within the Review Items Taskboard. By default, this field is set to "Everyone" meaning everyone will be able to see pre-approved items. To change who can see pre-approved items:
|
Can Approve Own Review Items |
Allows you to determine whether reviewers are able to take action on (approve or flag) their own permissions. By default, this field is set to "Everyone" meaning everyone will be able to review and approve or flag their own permissions. To change who can review their own permissions:
Reviewers that are restricted from reviewing their own permissions will see the approval restriction message displayed in the Review Buttons area of the Review Items Taskboard (see picture below).
|
Always show a warning message even if the user can act |
This option works in conjunction with the Can Approve Own Review Items option. When this option is selected, reviewers that are allowed to take action on their own permissions will see the following warning message displayed in the Review Buttons area of the Review Items Taskboard (see picture below).
Selecting the I understand and wish to continue link at the bottom of this message allows the reviewer to continue reviewing their own permissions and take action as needed. |
Starting Remediation
These settings determine workflows for the remediation process.
Forced |
Select this option if you want review items to be immediately sent to remediation if they are flagged. When this option is selected, no manual action is needed to send the item to remediation. |
Optional |
Select this option if you want reviewers to be able to flag review items without immediately sending the item to remediation. When this option is selected, the reviewer will need to manually start the remediation process. |
None |
Hides all remediation options. Select this option if you want to handle remediation outside of Permission Assist. Review items can still be flagged and comments may be used to indicate items are sent to remediation. |
Limit the remediation workflow to only show assigned permissions or ones allowed by matching entitlement roles |
When reviewers request that a user's permissions be changed, they're given the ability to request both the removal of existing privileges as well as the addition of new privileges. If you'd like to prevent reviewers from requesting additional privileges during the review process, select this option. When this option is selected, reviewers will still have ability to request the removal of existing privileges, but they will not be able to request new permissions unless they are allowed based to the user's Entitlement Role. |