Why is it beneficial:
• Adding notes to a revoked credential or entitlement gives the owner of the application additional details on why the access should be removed
• If access is questionable, revoking and leaving notes allows the application owner to do further research on if the access should be allowed
• Notes are saved and kept within the end of the campaign audit report
• Notes help to enforce the purpose of the IAM review to enforce the least privilege necessary required to fulfill a job role, remove the conflict of interest, and enforce separation of duties
Steps to add Notes/Business Justification:
- Revoke a Credential or Entitlement
2. Open the Notes window by selecting the “Pencil and Paper” icon
3. View and review any previous notes saved from the “History” section at the top
4. Add a new note under the “Add Note” section
5. Add a business justification for approving/revoking the access
6. Select “Save”
Once saved, notes will be viewable again by selecting the “note” icon under the “History” section
Note: SecurEnds Admin may have configured that the Election Notes will be mandatory for a revoke action. In that case, the Election notes window will popup when access is revoked.
Difference between Notes and Business Justification:
• The business Justification is a permanent note for the Reviewers which will be saved for future reviews as well.
• Business Justification is always optional.
• After adding the business justification, it will be visible on the review screen, as shown below:
• Notes are only for the current reviews.
• Notes can be optional or mandatory, depending on the configuration by the Admin. But it is the best practice to add the notes while revoking any access.
• After adding the notes, the review screen will show a star but not the content of the notes, as shown below: