Verify Access Requests (For Reviewers)

If your Permission Assist Administrators have set up remediation workflow to require verification, reviewers will need to review the work that the Provision Engineer completed, verify that the changes were made correctly, and complete the access request. Access requests are completed on the Change Management Taskboard.

The Change Management Taskboard is the place you’ll go to work on any access requests that get created as part of a review. To open the Change Management Taskboard you can either:

  • Select Outstanding (under the ACCESS REQUESTS heading) on the Home page, or

  • Go to the My Taskboards menu and select Access Requests.

The Change Management taskboard appears and a list of outstanding requests is displayed on the right (see picture below).

Actions and Events List

2

Search & Quick Filters

3

Access Requests/Events List

4

List View Buttons

 

 

To verify access requests, complete the following steps:

  1. Select an Access Request

  2. Verify the Changes

 

 

Step 1 - Select an Access Request

Select the request you want to work on by selecting on it within the list. After selecting the request, the Access Requests Details page opens in a new tab within your browser. The Request Details page allows you to review the information related to the request.

 

Step 2 - Verify the Changes

  1. Review the details of the item within the Info tab (displayed by default after selecting on a request).

  2. Review and verify the changes were made by the Provision Engineer. The process you use to verify changes depends on your financial institution's best practices and the guidance you may have received from internal and external audit teams. Most banks will verify using one of the following methods:

    • Log into the application and verify the changes were made within the application.

    • Have the Security Team import new permission data and verify the changes within Permission Assist.

    If you are verifying the changes within Permission Assist, select the Details tab (see picture below).

    Compare the columns of information to ensure the proper changes were made:

    • Initial - this column displays the permissions the user had when the review started. These permissions will not change once the review is started.

    • Now - this column displays the permissions the user has now. These permissions will change if you import new reports, so you can use this column to verify that changes were made correctly.

    • Approved - this column shows you whether the user should have access to these permissions based on their Entitlement Role.

    • Action - this column displays the actions requested when the item was flagged.

  3. If the proper changes were made, select the Verify button to complete the access request.

    NOTE: If for some reason the changes weren't made properly, you can communicate with the Provision Engineer on the Comments tab using the "at message" feature.

    After verifying the request, the status changes to “Completed” (see picture below).

    The status of the associated review item is also changed from “Provisioning” to “Remediation Complete”. At this point your work for this request is done – GREAT JOB!! Give yourself a high five!!