Rule Recertification Field

Workflow Owner This topic is intended for SecureChange workflow owners, who are responsible for creating and maintaining workflows.

When you configure workflow steps, rule recertification is used to document and verify the need for a rule, often for standards compliance and auditing. The process allows a handler to certify rules and extend their expiration date. Alternatively, a rule may no longer be required and can be marked to be decertified. Once decertified, you can initiate a decommission workflow. For more information, see rule decommission field.

The rule recertification field receives rules from the SecureTrack Policy Browser and lets you create a ticket in SecureChange for a handler to select whether to certify or decertify selected rules from supported devices.

When you configure the rule recertification field in a workflow step, the the Field display name and Tooltip text are the same for every step that the field is added to. All other settings apply only to the current step.

General

  • Read-only - The handler of this step can view the contents but not edit values of the field.

Show

  • Update Metadata - Lets the handler of the step update rule metadata from SecureChange to SecureTrack specifying if a rule should be recertified or decertified. When recertifying rules, a date log is required.

When assigning steps, it is recommended not to use the Dynamic Assignment mode for a Rule Recertification workflow in cases where two tasks are assigned to different handlers within the same step.

In a Rule Recertification workflow, when multiple tasks are opened on the same step by Dynamic Assignment, no changes can be made to the rules or objects within the rules, and all tools (such as Designer and provisioning) are disabled for the handlers, even if the same handler is configured for all the tasks in the step.

Once you have completed all the required fields and the workflow is saved and active, the next stage of this process is handled in SecureTrack where a rule recertification ticket request is created.