What characterizes an unmanaged plan in SailPoint IdentityIQ?

An unmanaged plan in SailPoint IdentityIQ is characterized by the presence of a connector that does not support provisioning. This means that the plan can leverage certain data or resources identified by the connector, but it lacks the capability to provision identity changes back into those resources. This is fundamental in distinguishing unmanaged plans from managed ones, which would typically have the ability to perform provisioning actions.

When a connector does not support provisioning, the identity governance elements such as access requests and certification activities can still function, but any changes or updates made to identities are not automatically reflected in the target systems through the plan. As a result, while the plan operates under constraints, it still allows for various identity management tasks to be executed, albeit without the ability to enact changes directly.

Understanding this concept is essential for tailoring identity governance processes within SailPoint IdentityIQ, as different types of plans serve distinct purposes depending on the capabilities of the connectors associated with them.