User Access Review

Verifies that a user access review was performed completely and appropriately by the reviewer.

A user permissions file sourced from your Access Management Platform (Microsoft AD, Okta, etc.).
A completed access review file sourced from your IGA or GRC systems (ServiceNow, SailPoint, etc.).
A post access review file sourced from your IGA or GRC systems (ServiceNow, SailPoint, etc.).
A employee title listing file sourced from your HRIS or ERP system (SAP, Oracle, Microsoft Dynamics, Workday, etc.)
A application owner file sourced your IT service management system (Jira, Azure DevOps, ServiceNow IT, etc.).
Parameters
1. Review Request Date: Date on which review was commissioned
2. Review Completion Date: Date on which review was completed
3. Timeliness Threshold: Days between review creation and signoff to be considered timely
4. File Input Parameters

A population of employees marked in listing, but not included in the reviewed population marked for follow up.
A population of manager or application owners who may have reviewed their own access tagged as passing or failing
A determination If all users were reviewed in the completed access review categorized as passed or failed.
A determination of timeliness based on adherence to the timeliness threshold, categorized as passed or failed.
A determination of appropriate Manager or Application Owner review of user access, categorized as passed or failed.
A determination if access has been correctly revoked, categorized as passed or failed.

Last updated 8 months ago

Was this helpful?