Role and Group Review Result behavior when members/entitlements are added to the underlying review items in RSA Identity Governance & Lifecycle
Originally Published: 2019-08-29
Article Number
Applies To
RSA Version/Condition: All
Issue
Resolution
The behavior of Role Review Results and Group Review Results in RSA Identity Governance & Lifecycle differs slightly from other review types when changes are made to the underlying review items. In the case of Role and Group Reviews, when members and/or entitlements are added, the added member or entitlement is viewable in an existing Review Result without any Refresh option being performed. In the case of a Role, this is true even if the change to the role has not been committed. However, no action can be taken on the new item unless the Review Result is refreshed and the change to the Role has been committed.
This behavior is to allow the reviewer the see the complete picture when making review decisions. For example, determining what action to take when reviewing a specific entitlement belonging to a role could be influenced by what other entitlements the role has.
In the following example, note that role A1 Role has one entitlement in Role Review A-2:
After a second entitlement is added to role A1 Role, the entitlement is visible in Role Review A-2 but the item is not actionable. This is true before and after the change to role A1 Role has been committed.
After the Review has been refreshed (and the role committed), the new item is now actionable.
