Access Review Campaign Evidence
Overview
Ensuring access reviews are accurate and complete are essential key tenets for access reviews and Zilla helps achieve this by surfacing and centralizing audit evidence for your campaigns. This evidence is often requested by auditors and is necessary for reporting and completion purposes.
Zilla automatically adds evidence based on campaign stages, such as adding an application to the review, campaign regeneration, starting and closing a campaign.
You can upload additional evidence for audit, accuracy, and completeness requirements. These can be additional artifacts required for verification and documentation purposes.
Examples of additional evidence:
Screenshots of the application, user profile, and permission assignments at the start and conclusion of the campaign.
Application owner attestation that SOD policies, security processes have been checked, implemented, and followed for their application.
Exceptions and mitigation controls that are in place for the application as required.
Evidence associated with a campaign, both automatic and manually uploaded, is centrally located in the Evidence tab under the campaign and is available for all campaigns.
Learn more about these specific topics:
Automatic Evidence Artifacts
When each application is added to the access review campaign, evidence artifacts are automatically added, including:
When the campaign was launched.
When the application was added to the campaign, including:
Information from the latest application sync (date, time, total number of accounts, number of active accounts).
Baseline snapshot of the accounts and permissions from the application used to populate the campaign.
When the campaign was completed, including:
Information from the latest application sync (date, time, total number of accounts, number of active accounts).
Snapshot of the accounts and permissions from the application when the campaign was closed and when the final campaign report was regenerated.
These automatic evidence artifacts are updated if the campaign or final report is regenerated so that the most current and accurate information is included as evidence.
When the campaign is completed, the above and additional evidence artifacts are included in the Evidence ZIP, including:
Campaign full summary in both PDF and CSV format
Individual application summary in PDF in PDF format
Campaign audit logs, application summary, and report summary in CSV format
Active profile grants used in the campaign to automatically mark items as maintained/approved in PDF and CSV format
Uploading Evidence - Campaign Readiness Task
Enabling campaign readiness assigns tasks to users to make sure the application is prepared to be included in the review. Learn more about Access Review Get Ready capabilities.
During this stage, additional evidence can be uploaded.
Campaign readiness task:
Access the readiness task from the Tasks menu.
Click on the Show files and information link to expand the evidence table for the application.
Click on the Upload Evidence button to add additional evidence artifacts
Note: You can delete or replace files that have been uploaded if they no longer relevant for audit purposes. Evidence artifacts added by Zilla automatically cannot be deleted. Edit the description of the evidence to provide more context around the file that was uploaded.
Most data file types are allowed for upload. The exceptions are various types of executable files.
Uploading Evidence - Campaign Monitor
Uploading evidence is available for all access reviews and campaign monitors and administrators access the Evidence tab to view collected evidence and upload additional evidence for the applications.
When viewing the Evidence tab from within a review, expand the application row to view the application's associated evidence entries. Uploading additional evidence using the Upload Evidence button.
You can upload and delete files (only those that have been manually uploaded) at any stage of the review: Get Ready, Preview, Running, Completed. You can also edit the description to provide more context around the file that was uploaded.
Most data file types are allowed for upload. The exceptions are various types of executable files.