Do we have any OOTB feature to identify or flag the change of access if it is being done outside RSA IAM solution?
Do we have any OOTB feature to identify or flag the change of access if it is being done outside RSA IAM solution?
Yes, you can use a rule type Unauthorized Change Detection
This rule detects entitlements to business sources granted to accounts that were not approved in a change request in RSA Identity Governance and Lifecycle.
For example, a user is granted an entitlement to a business source through his/her account outside of RSA Identity Governance and Lifecycle.
Subsequent data collections collect the account and the entitlement. When the rule is processed, it detects that there is no record of an approved change request for the addition of such entitlement in RSA Identity Governance and Lifecycle.
That constitutes the unauthorized change you can choose to address with email notification and change request generation actions.
Yes, you can use the Unauthorized Change Detection rule type for this purpose. The first time you run the rule it will create a baseline and from the next run it will start detecting these changes.