Review Intelligence Policies

Overview

Review Intelligence Policies can reduce the time reviewers spend working on reviews by automatically making decisions on rows based on filter criteria or previous decision status. They define rules to compare the current review rows with the most recently completed or expired review for the same configuration, and act on rows that are the same in the new and previous certification.

For example, a policy can "Reject rows where identities have no recent activity" or "Approve previously approved and unchanged" access.

Two default rules are optionally available for all reviews, and can be added when creating a review:

• “Approve previously approved and unchanged”

• “Rejected previously rejected and unchanged”

Additionally, administrators can create custom policies and attach them to configurations with the Automations API.

An automation definition includes:

• The criteria, such as “Row is unchanged from the previous review and was previously approved”

• The action, such as “Approve & Sign-off”

• Whether it is available for all or some configurations

• Whether it runs by default

Automations with the HIGHLIGHT display style can use a custom highlight_color to visually distinguish matching rows in the reviewer interface. The color is specified as a hex code (e.g., #FF0000 for red, #FFA500 for orange). See the Automations API for details.

Add policies during review creation

Operators can apply available Review Intelligence Policies when creating a review. These rules can also run by default at the start of any review.

1. Create a configuration or search for an existing one on the Access Reviews page.

2. Start or schedule a review for the configuration and enable automation by clicking Use Review Intelligence Policies.

3. Enable the rules to run from the dropdown and save your changes.

Review intelligence action logs

Open the result actions dropdown and click View Action Log to see when a rule was executed for a single result.

Administrators and operators can review all automated decisions by opening a review and checking the status bar above the table. A chart indicates the total action count.

Assign policies to some or all configurations

The options when creating reviews will depend on the Review Intelligence Policies available to the review configuration.

Administrators can use Attach Automations and other API operations to manage these rules, and set whether they run by default or on an opt-in basis. An attachment operation assigns a single rule, or all rules, to a configuration.