performing-entitlement-review-with-sailpoint-iiq

Featured

Performs entitlement review and access certification campaigns using SailPoint IdentityIQ including manager certifications, targeted entitlement reviews, role-based access validation, SOD violation remediation, and automated revocation workflows. Activates for requests involving access reviews, entitlement certifications, SailPoint IIQ governance, or periodic user access recertification.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing Entitlement Review with SailPoint IdentityIQ ## When to Use - Quarterly or annual access certification campaigns are required for compliance (SOX, HIPAA, PCI-DSS) - Organization needs automated manager-based access reviews for all direct reports - Targeted entitlement reviews are needed for sensitive applications or high-privilege roles - Separation of Duties (SOD) violations must be identified and remediated - Orphaned accounts and excessive entitlements need to be discovered and cleaned up - Audit findings require evidence of periodic access review and remediation tracking **Do not use** for real-time access control decisions; IdentityIQ certifications are periodic review processes designed for governance and compliance validation. ## Prerequisites - SailPoint IdentityIQ 8.2+ deployed with database backend (Oracle, MySQL, or SQL Server) - Application connectors configured for all in-scope systems (Active Directory, LDAP, databases, SaaS applications) - Identity cubes aggregated with current entitlement data from all connected sources - Email server configured for certification notifications - Manager hierarchy defined in the identity model - Business roles and entitlement glossary populated for reviewer context ## Workflow ### Step 1: Define Certification Campaign Strategy Plan the certification scope and reviewer assignments: ```java // SailPoint IdentityIQ BeanShell - Campaign Configuration import sailpoint.object.*; import sailpoint.api.*; import ja...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Integrates with

MySQL · Database

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

performing-access-recertification-with-saviynt

Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.

12,642 Updated today
mukul975
AI & Automation Solid

implementing-identity-governance-with-sailpoint

Deploy SailPoint IdentityNow or IdentityIQ for identity governance and administration. Covers identity lifecycle management, access request workflows, certification campaigns, role mining, SOD policy

12,642 Updated today
mukul975
AI & Automation Featured

performing-access-review-and-certification

Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with their roles. This skill covers review campaign design, reviewer selection, risk-based p

12,642 Updated today
mukul975
AI & Automation Featured

performing-privileged-account-access-review

Conduct systematic reviews of privileged accounts to validate access rights, identify excessive permissions, and enforce least privilege across PAM infrastructure.

12,642 Updated today
mukul975
AI & Automation Solid

iam-policy-reviewer

Execute iam policy reviewer operations. Auto-activating skill for Security Advanced. Triggers on: iam policy reviewer, iam policy reviewer Part of the Security Advanced skill category. Use when working with iam policy reviewer functionality. Trigger with phrases like "iam policy reviewer", "iam reviewer", "iam".

2,266 Updated today
jeremylongshore