Identity Manager helps you validate the correctness of your role assignments through an attestation process. Incorrect roles assignments might jeopardize compliance with both corporate and government regulations. Using the attestation process, responsible individuals within your organization certify the data associated with roles:
User profile attestation: Selected users attest to their own profile information (first name, last name, title, department, e-mail, and so forth) and correct any incorrect information. Accurate profile information is essential to correct role assignments.
Separation of Duties violation attestation: Responsible individuals review a Separation of Duties violation report and attest to the accuracy of the report. The report lists any exceptions that allow a user to be assigned conflicting roles.
Role assignment attestation: Responsible individuals review a report listing selected roles and the users, groups, and roles assigned to each role. The responsible individuals must then attest to the accuracy of the information.
User assignment attestation: Responsible individuals review a report listing selected users and the roles to which they are assigned. The responsible individuals must then attest to the accuracy of the information.
These attestation reports are designed primarily to help you ensure that role assignments are accurate and that there are valid reasons to allow exceptions for conflicting roles.