My business requirement is :
for "Role Assignment"
- Check if the user is in validity date + if the user is locked
Change the validity date if necessary
Unlock the user if necessary
New password if necessary
- Add a new role
Send a mail to Approver / Role Owner
Reminder each days during 2 days
From the 3rd day : escalation to GRAC_SECURITY ( possiblity to forward to Role Owner)
Risk Analysis mandatory for Role Owner
If there are SoD Risks : send an information mail to GRAC_POINT_OF_CONTACT
The system doesn't understand the system action, it is searching the role owner : because it's mandatory.