1. Using Advanced Controls
  2. Review a Role Request

Review a Role Request

A request approver may not have immediate knowledge of the person for whom a role is requested. So the purpose of a review is for an informed person, such as the user's manager, to provide input to the request approver. However, the reviewer's input is purely advisory; the request approver isn't bound by it.

The approver may make a final decision on the request without selecting a reviewer, and if so the review process is skipped. You can review a role request only if a request approver selects you as its reviewer.

A request for a given user may consist of a single role with a single security context; multiple assignments of a single role, each with a distinct security context; or multiple roles. When a review requires multiple judgments, you can make them collectively or one by one. (In particular, although requests for a single role with multiple security contexts may be related, you can accept or decline them independently of one another.)

To review a role request:

  1. Open the Access Request Reviews dashboard. From the Pending Review list, click the ID for the request you want to review.

  2. In the summary record of the request, click the name of a role you're reviewing to open its details drawer. Look over information about the data-permission request associated with the role and the user to whom the role is to be assigned. Also, if access controls were active when the request was made, go over the controls that have been violated and the conflicting roles those controls have identified. Then close the details drawer for the request you're reviewing.

  3. A requested role may contain privileges that grant access to Procurement functionality. If so, a user must have both the privilege and a corresponding action as a procurement agent for a business user.

    In this case, a Procurement Agent Action field appears in the summary record. Click its Edit link to open a drawer. Review procurement-agent actions selected automatically by the application, and potentially edited by the approver. When you finish, close the drawer.

  4. In the summary record, accept or decline the risk.

    • You may review a single-role request, or review multiple requests individually. For each, click the Accept Risk icon (a check mark in a circle) or the Decline Risk icon (the × symbol in a circle). A drawer opens; in it, write a justification for your decision (this is mandatory) and click either an Accept Risk or Decline Risk button.

    • If the request is for multiple assignments, you may choose to accept or decline all of them at once. Expand the Actions menu and select its Accept All or Decline All option. This opens the same Accept or Decline drawer, which you'd complete in the same way. But, of course, your decision would apply to all the requested roles.

  5. Depending on your decision, you can click the Accepted Risks or Declined Risks filter to review your work. Or, for a multiple-role request, click the Pending Review filter to list roles you've yet to act on.