How to define a custom attribute as a user with group review rights in RSA Identity Governance and Lifecycle
RSA Product Set: RSAIdentity Governance and Lifecycle RSA Version/Condition: 6.9.1 and later
Some organizations need to allow an additional collected user to have review rights over a group. For example, when the primary owner is out of the office..
Under Admin > Attributes > Group, add a custom attribute, such as Additional Authorizer to the resource definition. The custom attribute must have a data type of User.
Under Collectors > Account Collector > [collector name] > Edit > Group Data for the Account Data Collector that is expected to collect these groups, set the Additional Authorizer mapping to an appropriate user field in the data source.
Under Reviews > Definitions > [review name] > Edit definition > Reviewers, when the custom attribute is of type User, then the person designated as the Additional Authorizer can be selected as a Reviewer:
Groups can be reviewed by going to Reviews > Definitions in the user interface. There is a built-in review there called Group review with default options that can be used to create a group review. Click on that, then click Edit Definition to change the options. You can click Run Review to run it.
NOTE: It is recommended to create a new definition rather than edit an existing OOTB definition. To do this, select Reviews > Definitions > Create New Review Definition > [choose the group review type]