This article continues the reviewer’s journey towards completing Access Reviews within SecurEnds. If you have not seen the previous article on “how to log in as a reviewer”, please see here.
Conducting an Access Review
After logging in, you will be taken to the following screen to conduct reviews.
You have campaigns assigned to you. Select the “Open Campaigns” box to view the campaigns.
You can see the list of campaigns that have been assigned to you. Select “Begin Review” to be taken to the review screen for a particular campaign.
Once you begin a campaign, there are four (4) relevant pieces of information:
- The Green Box at the top
- This box will provide additional instructions for the campaign. This verbiage was provided by your SecurEnds company admin.
- The User’s Names
- Under the “Direct Report Access Review” column, all “users” associated with this review are listed. The names will disappear as you complete the access review for each user.
- Review
- The blue “Review” button is to be clicked to review the credentials and any entitlements associated with the user.
- Action
- The drop down will present 2 options.
- Update Manager Comments – Optional comments can be entered for the user by the reviewer.
- Termination Date – If a termination date is known for the user, enter that date and click Save. The access reviews for that user will be removed from the reviewer’s scope (the number Pending will move to 0).
- The drop down will present 2 options.
Upon clicking “Review” next to a user, the following screen appears:
In the top box, you will see: Campaign Name, Reviewer (you), Person under review, Email of the person, and their status within the System of Record. This status could be Active or Inactive meaning they no longer have access to the core system of record, implying they have been terminated.
Under “Application”, you will see the applications to which the user has access. In this instance, it is AD Sam Account.
Under “Description”, you will see any meaningful description associated with the entitlement if provided by the application owner.
Under “Status”, you will see the status of the user’s credential. In this instance it is active.
Under “Action”, is where you can make elections for the review. You can Approve or Revoke or click the Justification icon to the right of Revoke to leave a note (see note window below). NOTE: If you revoke a credential, all entitlements will be toggled to Revoke as well.
Once you have made your elections, then you are ready for the next user to review. The buttons at the top of the previous screenshot “Approve All, Revoke All, Save, Next, and Back” do just that. You can quickly approve or revoke access with approve/revoke all.
NOTE: “Next” functions as a next and save. It will save your elections and pull up the next user to be reviewed. Upon reaching the last review, no Next button will appear, but be sure to “Save”!
Upon clicking Back, a pop up will show the remaining number of entitlements that need to be reviewed.
Upon completing all reviews assigned to you, you will receive a similar pop-up signaling all reviews are complete.
