Within Account Access and Ownership Reviews, the Maintain and Revoke buttons are mandatory and cannot be hidden or removed. When a reviewer selects Revoke against the account, this will result in a change request being generated to delete the account.
It is not always possible to delete accounts and it has been asked by multiple customers how the Revoke button behavior can be changed to perform disablement of the account or even disablement and removal of access.
The attached document, created by RSA Professional Services, provides details on the out of the box components used and steps followed to create an Approval Workflow to:
- Reject the automatically created Delete Account change request
- Create a new change request to disable the account
- Create a new change request to remove access (if required)