Non-Employee Risk Management Sources in Identity Security Cloud to support Profile Status filtering

Announcements Product News
, , ,
1

Background

Non-Employee Risk Management Sources in Identity Security Cloud will now support filtering profiles for aggregation based the profiles’ status in NERM.

Problem

Prior to this enablement, Non-Employee Risk Management sources in ISC that are configured to use the SailPoint Non-Employee Risk Management connector would aggregate all profiles of a given type, regardless of status. This caused problems for customers who did not want to aggregate Inactive Non-Employee or Assignment profiles into ISC for governance.

Solution

Screenshot 2025-06-02 at 12.50.50 PM
Screenshot 2025-06-02 at 12.50.50 PM1920×902 71.8 KB

  • We are introducing a new setting on the Non-Employee Source configuration in ISC: NERM Account Aggregation Filter by Status. This setting is a dropdown with two options:
    • All - Profile statuses to be aggregated: Active, On Leave, Inactive, Terminated
    • Active - Profile statuses to be aggregated: Active, On Leave*

* Note: this is consistent with the display of profiles in NERM, where On Leave profiles are included under the “Active” status in tables

  • This setting will be available on all Sources using the SailPoint Non-Employee Risk Management connector
    • This includes Sources configured prior to April 2025, which were manually configured via ISC to aggregate a single Profile Type
    • This includes Sources configured since April 2025 which use the Identity Security Cloud Connection Settings configuration in NERM
  • The default selection for this setting will be All
    • This is consistent with the current approach wherein profile of all statuses are aggregated by the Source.
    • Changing the setting to Active will update the accounts to only reflect Active Profiles on the next aggregation

Dates

This new setting will be available on Non-Employee Risk Management Sources in Identity Security Cloud during the week of:
June 16, 2025.

2 Likes
2

There is a slight delay with the enablement of this feature. We still plan to enable this status filtering on Non-Employee Sources this week, but the setting will not be available today as previously indicated. We apologize for the inconvenience.

3

Hi @jeff_lakey,

Thank you for this thoughtful enhancement to Non-Employee Risk Management sources in ISC.

The ability to filter aggregated profiles based on status is a highly practical improvement. By giving administrators the option to exclude Inactive or Terminated profiles from ISC aggregation, this update helps reduce noise, improves governance relevance, and streamlines identity lifecycle operations, especially in environments with high non-employee short-term assignments.

Given the recent update noting a slight delay in enablement, could you kindly confirm the revised release date or expected timeline for when this setting will become available in production?

Appreciate the continued investment in making NERM integrations more manageable and governance-friendly.

4

Hello Amar,

This option is now Live on Non-Employee Risk Management sources in ISC production tenants. If you are not seeing it in your tenant, please let us know.

Additionally, we have already received feedback from some of our customers that more granularity from this filtering is desired. Currently the options are ‘Active’ or ‘All’. This means that you can filter out Inactive and Terminated profiles by setting the filter to “Active”, but not Inactive or Terminated Profiles. We are open to targeting further enhancements to this feature, but we’d like to better understand the use cases around more granular profile status aggregation filtering. If you have more details on this business case, please let us know!

Thank you,
Jeff Lakey
Sr. Product Manager
Non-Employee Risk Management

2 Likes