Define policy exception and extension rules

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read

    • Configure granular approval rules for policy exceptions and extensions using the GRC Approval Configurator.

    Before you begin

    Role required: sn_compliance.manager to create the policy exception and extension rules.

    Procedure

    1. Navigate to All > Assignment and Approval Configurations > Approval Configurations.
      The Approval Configurator is shipped with default templates for verification, final approval, and extension. The priority is set for each of them. By default, verification configuration is set with priority 1, approval configuration is set to priority 2, and extension approval configuration to priority 3.
    2. Select the configuration template.
    3. On the form, fill in the fields.
      Table 1. Approval Configuration form
      Field Description
      Name Enter a name for this configuration.
      Active Select this option to activate the configuration.
      Applies to Ensure that Policy exception (sn_compliance_policy_exception) option is selected.
      Domain Search for and select the functional group or role that should be associated with the approval flow.
      Filter Condition Use filter conditions to define when the configuration should be activated. The available values are sourced from the Policy Exception table. You must set both the State and Sub-state conditions. Use logical operators such as AND or OR to build complex condition sets.
    4. Select New in the Approval Levels table to add approval levels to the configuration.
      1. Provide a name.
      2. Assign a level.
      3. Select Submit.
      You can add multiple levels for the configuration. Each level can have its own rule, assigned users or groups, and triggering conditions.
    5. Select the approval level you have created and select New to add the rule to the approval level.
      1. Fill in the following fields.
        Table 2. Rule configuration
        Field Description
        Name Enter a name for this rule.
        Description Provide a description for the rule.
        Source Select the source table for rule evaluation.
        Additional condition Optionally refine the source table by applying additional filters.
        Query using field Select a field on the source record to query for matching approval conditions.
        Approve type Select the approver from the following options:
        • Specific approvers: Select individual users, groups, or both as approvers directly. This option allows you to manually assign approvers without relying on dynamic or source-based logic.
        • Approver from source: Select approvers based on values from the source table. You can choose a user field, a group field, or both to dynamically determine approvers from the source record.
        • Dynamic approvers: Define approvers dynamically using the source. Apply static or advanced dynamic conditions to filter approvers. You can select a user field, group field, or both to determine who should approve.
        • Scripted approvers: Use a script to programmatically determine approvers. The script must populate the users and groups variables.
        Approval required from Select All to make it mandatory for all selected users to approve the exception. Select Anyone to allow a single user to approve on behalf of all approvers.
      2. Select Submit after adding the details.

    Result

    The rules are now set for approvals for policy exception and extension.