Access Review - Common Problems
1. Group does not contain a description
Answer: Not all groups contain a description entry. In these cases, ITO can assist with what the group is used for.
2. Group does not contain information about an owner
Answer: Not all groups have an owner configured. This is largely due to many groups being used by multiple departments or business units, where there is not a clear owner for the group.
3. A direct report is missing from an access review
Answer: Access reviews are group specific. If a direct report is missing from a group, the most common reason is that the direct report is not a member of that group. If the direct report is a member of the group, escalate the issue to ITO Security for resolution.
4. "I've lost access, probably because of access reviews."
Answer: Access was removed either by a failure to review, or because the manager has decided the user did not need access. To resolve this, the manager should submit a standard access request. This is never an incident, always a service request.
5. "I am a manager, but I cannot log in to YouAttest."
Answer: The software only allows login / account creation AFTER at least 1 access review has been assigned to the user. By default, all users are allowed by Azure, but YouAttest does not create accounts if there are no reviews for that user. Verify there are no users assigned to the reporting party, and inform them they do not have any actions to take.
Latest Issues Resolved:
1. Direct members in a group that should have had an access review entry but did not have one. This issue was due to a SaaS coding error which was truncating groups.