000037888 - Role and Group Review Result behavior when members/entitlements are added to the underlying review items in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Aug 29, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037888
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: All
 
IssueWhat happens to a Role or Group Review Result when members/entitlements are added to the underlying review items in RSA Identity Governance & Lifecycle?

 
Resolution
The behavior of Role Review Results and Group Review Results in RSA Identity Governance & Lifecycle differs slightly from other review types when changes are made to the underlying review items. In the case of Role and Group Reviews, when members and/or entitlements are added, the added member or entitlement is viewable in an existing Review Result without any Refresh option being performed. In the case of a Role, this is true even if the change to the role has not been committed. However, no action can be taken on the new item unless the Review Result is refreshed and the change to the Role has been committed.


This behavior is to allow the reviewer the see the complete picture when making review decisions. For example, determining what action to take when reviewing a specific entitlement belonging to a role could be influenced by what other entitlements the role has.

In the following example, note that role A1 Role has one entitlement in Role Review A-2:
 
User-added image



After a second entitlement is added to role A1 Role, the entitlement is visible in Role Review A-2 but the item is not actionable. This is true before and after the change to role A1 Role has been committed.
 
User-added image


After the Review has been refreshed (and the role committed), the new item is now actionable.
 
User-added image
 


User-added image


 

Attachments

    Outcomes