RSA Product Set: RSA Governance & Lifecycle
RSA Version/Condition: All versions
A role within a Role Review process is showing a "Changed" status, despite no actual changes being committed. During the review, however, some actions were taken—such as marking the role as reviewed, or maintaining or revoking members and entitlements—which were subsequently undone. Effectively, no changes were committed to the role, but the role still appears in a changed state.
During a Role Review, a role may appear in a "Changed" state even if all review actions have been undone.
Explanation:
The following user actions trigger the role to move from a "Committed" to a "Changed" state:
- In the Role Review wizard, the user opens a role that is in a Committed state.
- In the Role Summary screen, the user performs at least one of the following:
- Clicks "Mark Reviewed" on the General Info tab (then undoes it).
- Maintains or revokes a Member (then undoes it).
- Maintains or revokes an Entitlement (then undoes it).
- Although the user undoes the action, the role has already been flagged internally as modified.
Once this flag is set, the role remains in a "Changed" state to preserve the audit trail and track any user interaction.
SQL to Check Role Component Changes:
The following SQL statement can be run to confirm if any change operations were recorded during the review process:
SELECT * FROM t_av_review_comp_changes WHERE review_component_id IN ( SELECT rc.id FROM t_av_review_components rc INNER JOIN t_av_reviews r ON rc.review_id = r.id AND r.name = '<REVIEW_NAME>' INNER JOIN t_av_roles rl ON rc.component_id = rl.id WHERE rl.name = '<ROLE_RAW_NAME>');
In the above SQL statement:
- Replace
<REVIEW_NAME>with the actual name of the Role Review - Replace
<ROLE_RAW_NAME>with the raw role name as seen in the database
Conclusion:
This is expected product behavior. Once a user performs any review-related action, the role is flagged as changed — even if all actions are undone later. No product defect exists in this scenario.
Related Articles
Access Fulfillment Express (AFX) does start after applying Patch 11 or higher to RSA Via Lifecycle and Governance 6.9.1 Number of Views Change Request Revert Workflow stuck in Canceling state in RSA Identity Governance and Lifecycle Number of Views Unable to edit Role Membership Rule in RSA Governance & Lifecycle Number of Views Data collection fails with error "java.lang.ArithmeticException: / by zero" in RSA Identity Governance & Lifecycle Number of Views Windows - Not Receiving Application and System Events Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide How to Download OTP Token Seed Files from myRSA RSA Authentication Manager 8.9 Release Notes (January 2026)
