SecurEnds runs access reviews off of Templates. A template defines the custom requirements for a campaign and can be re-used over and over again as a client plans out the various campaigns required. With templates, clients are able to select the types of users to be reviewed (Active or Inactive) within the System of Record, as well as, the applications to be included in the review. Access review requirements can be defined further but going down to the specific roles/credentials/entitlements within an application if needed. (Ex. Only review our Domain Admins for Application XYZ).
Once templates are created, clients can use any of the templates to create User Access Review Campaign’s. A created Campaign will incorporate the requirements from the pre-built template along with a start and end date. Campaigns define the reviewers and users to be a part of the user access review. When a campaign is launched and email notifications configured, reviewers are able to approval or revoke credentials and entitlements.
Campaigns should be reserved for only those users which need to be reviewed. If users need to be “excluded” from a campaign, that should be handled at the application level with the Bulk Exclude action. Subsequent syncs of the application will keep them excluded. Client can export that list for auditors in order to see who has been excluded from any application campaigns. The Excluded Users action within a campaign is an additional check to make sure no users were missed out.
SecurEnds also provides End of Campaign notifications of all elections completed via email or submitted to various integrated ticketing systems. Click here to know more on Ticketing System Configuration.