SailPoint IdentityIQ-Associate Exam - Topic 7 Question 3 Discussion

Yes. In SailPoint IdentityIQ, preventive policy checking evaluates proposed access changes before the request is completed or provisioned. When a user submits an access request, IdentityIQ can analyze the requested roles, entitlements, or account changes against configured policies, including separation-of-duty and other access-control policies. If the requested access would create a policy violation, IdentityIQ can present a notification or warning to the requester during the request process.

This notification allows the requester to understand that the requested access conflicts with defined governance rules before the request proceeds further. Depending on configuration, IdentityIQ may allow the request to continue with warning, require additional approval or mitigation, or prevent the request from being submitted. The behavior is controlled by policy configuration, request workflow, and preventive checking settings.

Therefore, the statement is accurate: IdentityIQ can notify the requester when an access request will cause a policy violation. Reference topics: Governance, policy detection, preventive policy checking, access request evaluation, policy violations, and User-Driven Requests.