When a certification task is opened, you may be required to verify the access of each user. This verification step is optional based on the configuration settings set in the certification definition. If verification is not required, then the initial summary view of users are skipped and you are presented with the user detail view.
If verification is required, then a decision must be made on each of the users that you have been asked to review. To do so:
In the Pending Certifications page, open the new or in progress certification review task. Page 1 of the certification task is displayed with a list of users.
Review the list of users and verify that each employee works for you, and that you are responsible for verifying their access.
From the Actions menu, select any one of the following for each user:
Claim: Select to restore a user to your verification queue for certification. This might happen automatically, depending on the values in certification configuration. See "Configuring Certification Options in Identity System Administration" in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager for information about the certification configuration options. However, even if each user is claimed automatically, you are free to choose another action.
Revoke: Select if the user is no longer part of the organization. This action removes the user from the certification process, and you will not approve or revoke roles and entitlements for this user. To return a user to your verification queue, select the user name, and select Claim from the Actions menu.
Re-assign: Select if the user works for someone else who should now be responsible for verifying the user's assigned roles and entitlements. This action removes the selected user(s) from the current certification, creates a new certification with the selected user(s), and assigns the person you specify as the primary reviewer for that new certification.
Abstain: Select if the employee does not work for you and you do not know who should be responsible for verifying the user's assigned roles and entitlements. This action on the user records on each role and entitlement assigns to the user your decision to abstain, that is, to leave each assignment as it is. If you know who should be responsible, then you can reassign the user instead.
After you have taken a verification action on each user, you must make certification decisions on each role and entitlement assigned to the users you have claimed. You do not need to make any further certification decisions on a user that you have revoked or reassigned or abstained. Normally, this means that you will open each user and then review its roles and entitlements, as described in "Reviewing Roles and Entitlements". However, you may also choose to delegate one or more users to another person, which allows that person to make certification decisions on the roles and entitlements assigned to that user. The following actions are available from the Actions menu:
Open: Select this action to review the details of each user and to make certification decisions on the roles and entitlements assigned to the user. See "Reviewing Roles and Entitlements".
Delegate: Select this action to allow another person to make decisions on the access privileges of each selected user. This action will create a new delegated-review task that contains the selected user(s) and will assign the task to the person you specify as delegate. Responsibility still remains with you, the primary reviewer.
Un-delegate: This action applies only to delegated users. This action removes each selected user from the delegated-review task and returns decision-making rights to you, the primary reviewer.
The Actions menu offers two additional convenience actions that are useful after you have made some certification decisions on the details of a user. These actions affect the decisions on multiple details, that is, accesses of each selected user:
Complete: Sets any missing decisions on role-assignments, accounts, or entitlement-assignments to Certify.
Reset Status: Clears all decisions made on the user including decisions on the user's access.
Edit Comment: Allows you to edit the comment associated with the certification task.
Sign-off: Allows you to complete the certification by signing off.