|
|
|
This chapter is designed for managers who can run Self-Service based Approval Processes and for entity managers who may receive Approver tickets as part of the Self-Service approval process.
Self-Service requests can be divided into two basic types:
While the tickets generated by both types of tasks are similar, they do not behave in the same manner, and therefore they are described separately. The ticket functions work the same irrespective of the ticket where you find them, for example a Consult utility works the same even if the ticket type providing the service is different.
As CA RCM is a role management product, many of the features focus on roles. The Role Definition tasks focus on the roles. The CA RCM assumes that user updates will come from a relevant source, such as a Human Resources database. Resource information is collected from the end-points during import.
When a Role Definition task is completed a Requests screen opens. This screen has two tables:
The next step is to submit all the requests for review by the relevant entity managers. This process is known as an Approval Process.
Self-Service role definition tasks are focused on the system's roles, and the possibility of enrolling users in those roles, assigning them various resources and creating hierarchal connections between different roles, or on the possibility of severing an existing link between a role and another entity. Therefore, during the Approval Process, review tickets are generated for both the role and the linked user/resource/role (hierarchal).
This process is started by the manager who made the Self-Service request (the Self-Service Manager). When an instruction to begin an Approval Process is given, the CA RCM generates a hierarchal Approver Process ticket tree. While for most Self-Service provisioning tasks the ticket tree is generated at once and the task managers and link approvers can work with their tickets directly, Self-Service Role Definition task tickets are generally generated in stages.
A Task ticket sent to the Self-Service task manager.
An Add Role ticket sent to the Role manager.
One Link Entity-Role parent and one Link Entity-Role approver ticket for each request made during the original Self-Service task. The parent ticket is always assigned to the Role manager.
An Update Role ticket sent to the Role manager. This ticket is generated only when a request to Add entities is made.
One parent and one approver ticket for each request made during the original Self-Service task. The request can be to either add a link or remove a link between the role and another entity. The parent ticket is always assigned to the Role manager.
The ticket tree generally comprises four families of tickets:
This ticket belongs to the Self-Service manager. Each approval process has only one root ticket.
This ticket type depends on the type of request made during the role definition task. There are two possible sources for this ticket:
When a new role is generated, this is the main parent ticket. Below it you will find the Task ticket used to select the role's accountable, the role managers' approver ticket and the set of subtrees generated for each request listed in the original Requests table.
When a request is made to update a role definition, this ticket is the main parent ticket. Below it you will find the role managers' approver ticket and the set of subtrees generated for each request listed in the original Requests table.
This ticket is of the same type as the Approver tickets associated with it. This ticket belongs to the Role manager. This node is the parent of the actual approval process Approver tickets that are sent to the Approvers. The number of sub-trees of this type present in an approval process tree depends on the number of Self-Service requests being processed.
As role definition task tickets are generated in stages, the CA RCM Portal generates on Role Approver ticket for the role manager and a set of sub-trees, one per request, comprising a Request Parent ticket belonging to the Role manager and an Approver ticket that is sent to the user, resource or role (hierarchal) manager. The tickets generated belong to one of the following ticket types:
Generated when adding a link to specific role.
Delete-Link User-Role, Delete-Link Role-Resource or Delete-Link Role-Role
Generated when making a request to sever a specific link to the role.
The role manager approver ticket generated when a request is made to add a new role to the configuration.
The role manager approver ticket generated when a request to update role definitions is made or in the special case of multi-user requests to enroll users in a role, where the number of users exceeds the system's threshold.
Entity managers are assigned to an Approval Process as approvers based on the link type. For example, for a Delete Link User-Role process, the user's manager and the role's manager will be assigned as approvers. Users can become approvers for other users only if the Approver's name appears in the manager column (of the Universe's Model configuration files) for the specific user. Users can become approvers for Roles and/or Resources only if they are listed in the configuration's RACI presentation under Accountable, this means that a specific user becomes accountable for a specific entity. Therefore, if you are listed as an entity manager, you will receive Approver tickets when an administrator runs an Approval Process involving your assigned entity.
Self-Service managers have overall control of the approval process. They can transfer responsibility of the process to another manager or cancel the process when necessary.
As the Role manager for the role that is under review, you are tasked with reviewing the changes requested by the Self-Service manager. Approval Processes that include adding links between a role and other entities will generate a Role Approver ticket. This ticket summarizes all the requests that are concerned with adding links between your role and other entities. Only if you approve the requests will the CA RCM Portal generate the Entity Approver tickets for theses requests. The reason for this is that the system approves only requests regarding links that have been approved by the managers of both of the linked entities. Therefore if you do not approve the request, to add links, the system considers the request to be denied.
In the case of a Role Update request, if the requests included only removing links or they encompassed both adding and removing links, the tickets generated by the request to remove links will still be generated.
As an approver you are tasked with making the decision whether to approve the request to add/sever a link or not. To aid you in the decision making process, you have the ability to consult with other managers.
Important! As several complex procedures are documented in this chapter, it is important to remember that every ticket has a unique ticket ID number that can be used to differentiate between tickets of the same type that deal with the same issue, but have different functionality or purpose.
This section contains the following topics:
Role Definition Approval Root Ticket
Role Definition Main Request Parent Ticket
| Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |