I manage a copy of WHD in a secure space that relies heavily on utilizing Approval Process and Change Approval Boards for account and access requests. I have noticed that there is a feature within Processes >> Change Advisory Boards that there can be a requirement of "Minimum Approvers" for a CAB. In my environment, it only takes one security officer to approve/deny a request so the CAB minimum approver requirement is set to one as well.
Where the problem occurs in WHD is that if an access request needs to be denied, the only way this to happen is for the entire voting panel of CAB members to vote "No" . Many of these CABs have at least 5 approvers (depending on the program. I don't make these rules... I just enforce them!) and waiting for all of the CAB members to say "No" creates a rather big log jam in the ticketing system and is not conducive to our process flows and customer SLAs at all. Having an option to set a minimum deny requirement on a CAB would help tremendously!
As a work around, I have had to set an an Action Rule that scours the notes field looking for specific terms, Ex. "Denied due to", in which the action rule will fire on the ticket awaiting approval and modify the ticket:
1. Status is moved to "Denied/Closed>>Closed".
2. Email is sent to user letting them know of that their request has been denied.
Unfortunately this work-around only works some of the time which some tickets then still need to be attended to manually to clear the back-log.
Please add a better "Deny" option to CAB!!!
