The statement is false. Preventive policy checking in SailPoint IdentityIQ is not limited only to self-service requests. Preventive policy evaluation is used to identify policy violations before access changes are completed. This can occur during access request processing, provisioning-related activity, or other configured request paths where IdentityIQ evaluates proposed changes against defined policies before allowing the transaction to proceed.
A self-service request is only one possible entry point. IdentityIQ access requests may be submitted by an end user, a manager, an administrator, or another authorized requester depending on QuickLink Population rules, request configuration, and access-request permissions. Preventive policy checking evaluates the requested access change itself, not merely the fact that the request was self-initiated. If the proposed access would violate a separation-of-duty, risk, or other governance policy, IdentityIQ can warn, require additional handling, or block the request depending on policy and workflow configuration.
Therefore, the word “only” makes the statement incorrect. Preventive policy checking is a governance control applied to configured access-change activity, not exclusively to self-service actions. Reference topics: Governance, policy detection, preventive policy checking, access request policy evaluation, User-Driven Requests, and provisioning request control.
