Identity Governance automatically calculates policy violations when:
An certification policy is defined or modified
Identity or data application is published
Reviews included in the policy are completed
In addition, you can also schedule when certification policy violation calculations will occur when defining a policy. However, you will need to manually calculate policy violations after events such as partial reviews and expiration of the certification policy validity period.
NOTE:If certification policy violations and related risk factors are configured, Identity Governance risk scores will be impacted. Therefore, calculate certification policy violations before calculating risk scores. For information about risk scoring, see Section 21.0, Calculating and Customizing Risk.
To schedule certification policy violation detection:
Log in as a Customer, Global, Data, or Review Administrator.
Under Policy, select Certification.
Select Schedule tab, add and remove policies to the schedule, and set the schedule.
NOTE:By default, all certification policies will be included in the scheduled detection process. However, once you remove a policy from the schedule, Identity Governance will detect violations only for the policies included in the schedule. To detect violation of other policies you can either manually calculate policy violations or add the policy to the schedule.
Select Active and then select Save to activate the schedule.
To manually calculate policy violations:
Log in as a Customer, Global, Data or Review Administrator.
Under Policy, select Certification.
In the Policies tab, select the policy for which you want to calculate policy violations.
Select Actions > Calculate Policy Violations.
NOTE:When a certification policy includes multiple review definitions, and when an entity is included in more than one review definition, then the certification status is defined based on the last review. You can cancel calculations in progress by selecting Cancel next to the progress status.