We are starting to look at onboarding alot of 3rd Party Apps.
As we discuss requirements with the relevant departments in the organisation it has become apparent that alot of these applications are websites that we cannot connect to therefore cannot onboard into RSA for access management.
The audit requirement for these apps we cannot connect to/onboard is we send a notification to a department administrator - they then confirm they have received the notification and taken the appropriate action -
example - user leaves firm - we generate an email to the department admin to say X has left please remove access to AppA AppB AppC - Dept Admin then confirms they have taken the action (removed access/the user account etc)
Is there a way of doing this in RSA - i appreciate its going to be more difficult as we cannot onboard the application directly but is there a way of building this into a workflow using email templates or other methods.