Access Review: After An Access Review

Summary

This article reviews what happens after a campaign is completed and covers additional features that help with tasks that need to be done after a campaign.

How to Complete a Campaign

A campaign can be completed by clicking Complete in the top right corner of a running review.

What Happens After a Campaign is Completed?

When a campaign is marked as complete, Zilla generates a campaign report that can be given to auditors. Additionally, Zilla sends one email per application to the address specified in the Create Ticket Custom Action (see this article for more info on configuring). Each email contains a CSV with all of the revocations/changes for that application.

Typically, this address belongs to an ITSM service so that the emails can be parsed into tickets. Additional emails can also be sent to technical owners, campaign monitors, etc. through the advanced options when completing a campaign.

Campaign Reports

The campaign report that was generated when the campaign was completed is available by selecting Download → as PDF. A summary of all permissions reviewed is also available by selecting Download → as CSV. You can also download an Evidence Package to satisfy an auditor’s completeness and accuracy requirements. It includes:

  • PDF report generated on campaign completion

  • PDF report for Active profile grants used in the campaign to automatically mark items as maintained/approved

  • CSV summary listing included applications in the campaign

  • CSV listing of audit logs associated with the campaign

  • CSV summary of all permissions reviewed

  • For each application in the review:

    • CSV campaign report summary showing revocations data per application

    • Evidence for each application in the review

    • A PDF report for the campaign limited in scope to each application in the review

 

Tracking Revocations and Changes

In a completed campaign, the monitor gets a campaign dashboard for keeping track of the revocations that were made during the access review. When an application is synced and Zilla sees that a permission has been revoked, that permission is marked as implemented.

Implemented permissions only appear after you regenerate the report, so regenerate it whenever you need changes to be displayed in the report.

Note that after the report is regenerated, the Evidence Package will include the latest CSV campaign report summary showing revocations data per application the next time it is downloaded.
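
As an added example (not Zilla's code), the check described in this section, that a revoked permission no longer appears once the application is synced, can also be run independently against a fresh export of an application's grants. The column names (account, permission, decision) and the sample rows are assumptions constructed for illustration; this page does not show the layout of Zilla's CSV.

```python
import csv
import io

# Constructed sample data. Column names are assumptions, not Zilla's actual CSV layout.
REVOCATIONS_CSV = """account,permission,decision
alice@example.com,admin,Revoke
bob@example.com,billing:write,Revoke
carol@example.com,read-only,Maintain
Dave@Example.com,admin,Revoke
"""

# Constructed export of the grants that exist in the application right now.
CURRENT_GRANTS_CSV = """account,permission
alice@example.com,read-only
bob@example.com,billing:write
carol@example.com,read-only
dave@example.com,Admin
"""


def _key(row):
    # Normalise case and whitespace so "Dave@Example.com" matches "dave@example.com".
    return (row["account"].strip().lower(), row["permission"].strip().lower())


def reconcile(revocations_text, grants_text):
    """Split revoke decisions into implemented (grant gone) and outstanding (grant still present)."""
    current = {_key(r) for r in csv.DictReader(io.StringIO(grants_text))}
    implemented, outstanding = [], []
    for row in csv.DictReader(io.StringIO(revocations_text)):
        if row["decision"].strip().lower() != "revoke":
            continue  # maintained/approved items need no follow-up
        (outstanding if _key(row) in current else implemented).append(_key(row))
    return implemented, outstanding


if __name__ == "__main__":
    done, pending = reconcile(REVOCATIONS_CSV, CURRENT_GRANTS_CSV)
    print("implemented:", done)
    print("outstanding:", pending)
```

Anything left in the outstanding list is a revocation whose ticket has not yet taken effect in the application and is worth chasing before the evidence is handed to an auditor.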