This is not a correct example of an IdentityIQ policy as stated. IdentityIQ policies are used to detect governance violations based on identity, account, entitlement, role, risk, or activity conditions. An account policy is concerned with whether an identity has an account, lacks a required account, or has an account that violates defined account-related criteria. It evaluates existing identity and account state after data is aggregated and correlated into IdentityIQ.

The phrase “has requested the appropriate account” describes an access request validation concept rather than a policy-detection use case. Requests are handled through the user-driven request and provisioning framework, including QuickLinks, request forms, approvals, workflows, provisioning policies, and provisioning plans. A request can be evaluated, approved, rejected, or fulfilled, but a governance policy is normally not defined to determine whether a request itself was “appropriate.”

IdentityIQ policies detect violations against current or observed access conditions. Therefore, an account policy may check whether an identity has an inappropriate account, but not whether the identity requested the appropriate account. Reference topics: Governance — common policy examples and policy detection; User-Driven Requests — access requests; Provisioning — provisioning process and provisioning policies.