Which roles can certify policy violations?

The roles that can certify policy violations include Manager, Application Owner, Advanced, and Targeted because they encompass various responsibilities and permissions that allow for comprehensive oversight of identity governance and compliance processes within SailPoint IdentityIQ.

Managers typically have the authority to review the access of their direct reports and ensure that the identity governance policies are adhered to. Their involvement is essential as they are often closest to the operational activities and can make informed decisions regarding the legitimacy of detected policy violations.

Application Owners are responsible for specific applications and have intricate knowledge about the access and permissions associated with those applications. Their role is critical when assessing whether users adhere to the policies governing access to those applications.

The Advanced role provides heightened capabilities for users who require a deeper level of insight or privileges to manage complex identity environments. This role can execute certifying processes based on sophisticated understanding or higher-level access controls.

Targeted roles are aimed at users who are set to evaluate specific certifications, often focusing on particular compliance issues. Their targeted approach ensures that policy violations can be identified and certified promptly, according to relevance and context.

This combination of roles allows for a multi-faceted approach to certifying policy violations, ensuring that decisions incorporate diverse perspectives and expertise, which is crucial for effective identity governance and compliance.