After you have data in your catalog, and (optionally) have customized review display column and configured reasons for review actions, you can start creating review definitions based on your organization’s requirements. The reviews enable a set of reviewers to examine who has access to what in their environment. In the review definition, you can assign runtime authorizations such as review owner and reviewers and specify review objects. Administrators can create review definitions for the following types of objects:
Access permissions, accounts, or technical roles of a set of users
Mapped and unmapped accounts
Permissions assigned to the accounts
Membership of a set of business roles
Identity attributes that were previously configured as available for reviews
Management assignments, specifically direct reports of supervisors
Business role definition including authorizations, membership, and attributes that were previously configured for reviews
Only users with the Review Administrator, Customer Administrator, or Global Administrator authorization can create and modify review definitions.