Reviews workflow¶

The workflow of a review can vary depending on your specific configuration of Permission Assist; however, the basic workflow for a review is as follows:

Step 1 - Create the review¶

When a review is created, reviewers are notified that the review has been started.

Step 2 - Approve or flag review items¶

After the review is started, each reviewer logs into Permission Assist to complete their review items. Each review item is either approved or flagged for remediation by at least one person. To speed up the process in future reviews, pre-approval options can be used to automatically pre-approve review items.

Step 3 - Complete access requests¶

In order for remediation to begin, a reviewer must start the remediation process by flagging a review item. When the item is flagged, an access request is created and remediation is started. At this point, responsibility for managing the remediation process transfers to members of the Provision Team (the Provision Engineers). If your system is configured to send email notifications, the provision engineer(s) will be notified that an access request was created. If email notifications are not set up, provision engineers will be responsible for logging into Permission Assist each day (or multiple times a day) to complete their access requests.

Step 4 - Complete the review¶

When all review items have either been approved or flagged, and the remediation process is complete, the review is completed by a member of the Security Team. Reports can be generated for historical and auditing purposes.