Privileges(signoff and review) in coverage files are honored only when the sign off is enabled in review definition for RSA Via Lifecycle and Governance

3 years ago

Originally Published: 2016-03-01

Article Number

000056239

Applies To

RSA Product Set: Identity Management and Governance
RSA Product/Service Type: All
RSA Version/Condition: All version

Issue

The structure of reviewer or monitor coverage file for reviews contain a Privilege option as follows:

<Reviewer/Monitor Filter>|<Subject Type>|<Subject Filter>|<Object Type>|<Object Filter>|<Privilege>

The following privileges specify what a reviewer can do with a review with regards to sign-off:
review: Reviewers can save updates to review items.
signoff: Reviewers can only sign off on updated review items.

When the reviewer privilege is null and sign-off is enabled for reviews, the privilege is considered to be sign-off for backward compatibility. These privileges are honored when sign-off is enabled for reviews; otherwise, it is ignored.

If you have included one of the above privileges in coverage file and not enabled the sign off option in review definition, the review result will not include the privilege as mentioned in coverage file.

Resolution

You need to enable the "Sign OFF" option in review definition for the privileges in the coverage file to be honored.

Notes

Sign off option does not only impact the reviewers who have that privilege.The owner of the review or an admin will have the sign off privilege when the option is enabled.Having the sign off option would make it clear whether that option would be enabled in the generated reviews or not.When sign off option is desired, that option need to be explicitly chosen apart from specifying in coverage files.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles