CA Identity Governance Programming Guide › Customizing Business Flows › Common Functionality in CA Identity Governance Workpoint Processes › Assigning Reviewers › How to Define a Set of Reviewers › How CA Identity Governance Assigns Reviewers

How CA Identity Governance Assigns Reviewers

To assign each reviewer in a set of reviewers, CA Identity Governance matches one of the entities under review to a user account in the CA Identity Governance data universe. CA Identity Governance matches entities to reviewers in the following ways:

• CA Identity Governance searches a member list to find a record that matches attribute values of the entity. When a match is found, the review action is assigned to the user that is specified in that record of the member list.
• CA Identity Governance queries the RACI configuration files of the universe, and assigns the review action based on the user who is Accountable for the entity.

  Note: In user certifications, CA Identity Governance first queries the Configuration user manager field defined in the target universe to identify the manager of each user.

• CA Identity Governance assigns the review action to a default reviewer defined for the universe.
• CA Identity Governance retrieves multiple reviewers from CA Identity Manager Role Owners or Role Administrators at runtime.

  Note: Role reviewers from CA Identity Manager are treated as one action and the result is taken from the first reviewer that submits their decision.

• CA Identity Governance assigns the review action to a reviewer based on an entity (user, role, or resource) attribute or link attribute.

When you define a reviewer, you can specify one method, or a combination of these options.

Important! Define a default reviewer to avoid process errors when a reviewer is not found.

When you combine multiple methods, CA Identity Governance evaluates them in the following order:

1. CA Identity Governance searches the approver attribute you specify.
2. CA Identity Governance searches the approvers from the CA Identity Manager role you specify.
3. CA Identity Governance searches the member list you specify.
4. CA Identity Governance searches the RACI configuration using the logic you specify.
5. CA Identity Governance uses the default reviewer you specify.

CA Identity Governance proceeds until one method matches a reviewer, and uses the first reviewer it finds.

This behavior is similar to options in the certification template wizard of the CA Identity Governance portal. However, these options are generalized and available in all certification and change approval nodes.