Compiling Audits

In order to create attestation tasks for auditors to review, audits must be compiled. When an audit is compiled, EmpowerID creates a certification task for each of the resource objects included in the Recertification policies associated with the audit. For example, if you have an Recertification policy that checks the access assignments of a particular security group and the policy is associated with the audit you are compiling, when you compile the audit you trigger the policy, which in turn creates the appropriate recertification tasks.

In order to compile an audit, you must be the audit owner.

This topic demonstrates how to compile an audit.

Prerequisites: Before compiling an audit that generates Recertification tasks, you must do the following:

To compile audits

  1. From the Navigation Sidebar, navigate to the Audit Configuration page by expanding Compliance and Reports > For Auditors and clicking Audit Configuration.
  2. From the Audit Configuration page, click the Audits tab, search for the audit you want to compile and click the View Dashboard link for that policy in the Audits grid.
  3. From the Auditor Compliance Dashboard, click the Audits tab, search for the audit you want to compile and then click the View Dashboard link for that audit in the Audits grid.
  4. This takes you to the Audit Dashboard page for the audit. This page provides you with a dashboard for quick analysis of the audit's status as well as a Policies tab for viewing the Recertification policies included in the audit.

  5. From the Dashboard tab, click the Compile button.
  6. If you do not see the Compile button, check the Start and End dates set for the audit. If the Start date is later than the present date and/or the End date has passed, EmpowerID disables the Compile button as the parameters for the audit are no longer valid. To enable the button, update the dates accordingly. Additionally, ensure that you are the audit owner.

  7. Update the data appearing on the dashboard by clicking the Refresh button for each data region.
If you receive a "Succeeded" message after compiling an audit, but do not see new data after refreshing the dashboard this means that no new recertification tasks were created by the Recertification policies associated with the audit. With a previously compiled audit, this could simply indicate that no changes have occurred to an Recertification policy's target since the last compile ( no new access assignments have been granted to a group, for example). However, if the audit has never been compiled, this indicates that either the audit does not have an Recertification policy assigned to it or the Recertification policy is not targeted correctly for the policy type.