When are policies typically evaluated?

Policies in SailPoint IdentityIQ are typically evaluated during specific operational activities such as aggregation, identity cube refreshes, or specialized tasks. This is because these operations inherently involve the assessment and application of defined identity governance policies to ensure compliance, risk management, and overall identity lifecycle management.

During aggregation, IdentityIQ collects data from various sources which allows it to reevaluate identities according to the established policies. The identity cube refresh further consolidates this data, ensuring that any changes in the identity attributes or status are reflected and that the policies are being correctly applied based on the latest information. Additionally, specialized tasks may refer to scheduled compliance checks or ad-hoc evaluations where policies need to be actively considered and enforced.

This systematic evaluation process enables organizations to maintain tight control over access and permissions, ensuring compliance with organizational policies and regulatory requirements as identities change. The other options do not accurately reflect the regular and proactive nature of policy evaluation within the identity governance framework, as they suggest a less frequent or reactive approach that is not aligned with best practices in identity management.