About the entitlements system workflow

To understand the workflow of the entitlements system, you must review the concepts that are related to the entitlements system.

See Concepts in entitlements.

The workflow of the entitlements system starts with marking an asset as a control point and ends with the generation of the entitlements reports. The entitlements reports include the Effective Permissions Report, the Simple Permissions Report, the Entitlement Changes Report, and the Trustee Report.

See About the control point status.

The users in the role of an entitlement administrator and the entitlements data owner perform the tasks in the entitlements system.

See Predefined roles.

The tasks in the entitlements system can be divided as follows:

Manual tasks	Performed by the user Require user input and user action.
System tasks	System tasks Require no user input and user action.

You can perform the following manual tasks in the entitlements system based on your role:

Mark an asset as a control point

See Marking an asset as a control point.

You mark an asset as a control point if you want to monitor the entitlements of the asset through the approval workflow.

The entitlement administrator can mark assets as control points from the asset system.

When the assets are marked as control points they appear in the Manage > Entitlements > Control Points view.

By default, the control points are in the No Review Configured state.

Create a review cycle setting

See Creating a review cycle setting.

You create a review cycle setting to define a review period for the approval of the entitlements of the control points.

The entitlement administrator can create a review cycle setting from the Manage > Entitlements > Review Cycle Settings view.

Assign the role of data owner to a trustee

See Adding users and groups to a role.

You select a trustee who can review and approve the entitlements for the control points.

You must assign the role of an entitlements data owner to the trustee from > Settings > Roles view.

Configure the control point

See Configuring control points.

You configure a control point to assign a data owner or an approver, the tags, and the review cycle to the control point.

The entitlements administrator can configure the control points from the Manage > Entitlements > Control Points view.

The control points status changes to Review Start Awaited when the control point is configured with a review cycle

When you configure the control point with a review cycle the entitlements system transitions the control points in various states. The states are based on the review cycle status.

The control point status changes from Review Start Awaited to Review Started when the review cycle starts. The system starts the review cycle on the start date that is specified in the review cycle setting.

The system then changes the control point status from Review Started to Entitlement Import Required. The Entitlement Import Required status is set according to the number of days specified for importing the entitlements before the approval starts.

Import entitlements

See Importing the entitlements manually.

See Configuring the automatic entitlements import.

The entitlements administrator must import the entitlements before the approval starts. The entitlements are then available for the data owner to approve.

If the automatic entitlements import is not configured, then the entitlements administrator must import the entitlements manually.

The control point status changes from Entitlement Import Required' state to Entitlement Import Pending when the entitlements import is in progress.

When the entitlement import is complete the system changes the control point status to Approval Start Awaited.

The control points status changes from Approval Start Awaited to Request for Approval when the approval period starts. The approval period starts on the approval start date that is specified in the review cycle setting.

Request for Approval

See Requesting approval of entitlements.

The entitlement administrator requests the approval of entitlements when the approval period starts.

After the entitlement administrator requests for approval, the data owner can either approve the entitlements or request changes in the entitlements.

Approve the control points

See Approving the entitlements.

The data owner can view the entitlements for the control points and approve the control points from the My Control Points view.

The alternative approver can also approve the control points if the alternative approver is enabled.

After the approval, the control point status changes to Approved.

Request changes in entitlements

See Alternative approver.

The data owner can request changes in the entitlements of the control points.

The control points status changes to Request for Change.

Request for Approval

See Requesting approval of entitlements.

The entitlement administrator can request for approval again when the IT department implements the change requests of the data owner.

The entitlement administrator must import the entitlements again.

When the entitlement administrator requests for approval of the control points for which a change is requested, the status changes to Entitlement Import Required.

Import entitlements

See Importing the entitlements manually.

See Configuring the automatic entitlements import.

The entitlement administrator must import the entitlements before the approval starts. The entitlements are then available for the data owner for approval.

If the automatic entitlement import is not configured, the entitlement administrator must import the entitlements manually.

The control point status changes from Entitlement Import Required' state to Entitlement Import Pending when the entitlements import is in progress.

When the entitlement import is complete the system changes the control point status to Request for Approval.

The data owner can now approve if the entitlements are as expected or again request for change if the entitlements are not as expected.