Questions
Where do the tables pull data from?
How does it know what users are in or have access to an application, group, or secured folder?
What happens with failed elements? Once all elements are certified the task State changes to Closed Complete but where does the new action item (e.g. access removals) go and how is it tracked?
We have 1000+ applications/groups/secured folders in scope for review. Most are external apps where access is managed by the business lines. It would be great if there was a way to have everything reviewed in this same space but I don't see how that could be possible when a userbase is stored and maintained in an external app. We are looking into moving our review process into ServiceNow but we're not sure if we should use the certification plug-in, regular task (in the core product), or a combination of both. Hope I am making sense! Any thoughts or tips anyone could share would be great!