This section provides details on configuring the Compliance tab.
NOTE:For compliance and attestation processes, use NetIQ Access Review instead of the User Application. Access Review enables administrators and managers to easily collect all user and access information in one central location and certify that each user has only the level of access that they need to do their job. Following the principle of least privilege, Access Review helps you ensure that your users have focused access to those applications and resources that they use and cannot access resources that they do not need to access. You can review all permissions assigned to your employees, either individually or as a group, and decide whether those permission assignments are appropriate. For more information, see the NetIQ Access Review documentation.
The Compliance tab enforces the RBPM security model to secure access to compliance functions. If a user is not a Compliance Administrator, the Compliance tab is not available.
A Compliance Administrator is designated at installation time. After installation, the Security Administrator can assign additional users to the Compliance Administrator role. For details on assigning users to the Compliance Administrator role, see Section 7.3, Administrator Assignments.
When an attestation process is initiated, each attester receives an email message indicating that they must complete a compliance task. The message provides a link to the workflow activity that has been assigned to the attester. This behavior is enabled by default, but can be disabled in Designer.
The Compliance Task (Attestation Notification) template determines the content and format of email messages sent to attesters. For more information on this template, see Section 10.4, Working with Email Templates.