The following table describes the default exception workflow:
Stage | Options | Next Stage | Status | Description |
Requested | Request | Review | Requested | Start of workflow stage, exception automatically transitions to Executive owner of the entity for Review. |
Close | Closed | Expired | When rejected by stakeholders of the review or sign off stage, gives the requestor the opportunity to add more information and request again or close the ticket as rejected. Note: Exception permissions are required. | |
Review | Sign off | Sign off | - | Transitions the request to Security owner of the entity for Sign off. |
Reject | Requested | Rejected | Returns the request to Exception Requestor and transitions the request back to the Requested stage. | |
Delegate | - | Delegated | Assigns the request to another user and allows that user to sign off or reject the exception as the temporary stakeholder of the Review stage. Note: If the delegate rejects the request, it moves back to the requestor. | |
Sign off | Accept | Closed | Accepted | Closes the request with an accepted status and removes the out-of-compliance results from related reports and assessments. |
Rejected | Rejected | Rejected | Returns the request to Exception Requestor and transitions the request back to the Requested stage. | |
Closed | Terminal stage, either Accepted or Expired depending on the action that closed the ticket. |