Creating an access review is straightforward. To create an access review, follow these steps:

  1. From the Identity Governance blade in the Azure portal (https://portal.azure.com), select Access reviews and then choose New access review:

Figure 8.20 – The Access reviews page

  2. On the Review type page, select the type of review to perform from the dropdown:
    • If you select Teams + Groups, you can choose All Microsoft 365 groups with guest users or Select Teams + groups. If you specify All Microsoft 365 groups with guest users, you have no scope options to select, as the scope is automatically configured for Guest users only. If you choose Select Teams + groups, then you can select a scope of either Guest users only or All users. In either group scenario, you can choose Inactive users only, along with a time for inactivity (measured in days).
    • For Applications, you must select one or more enterprise applications that are currently configured in Azure AD:

Figure 8.21 – Selecting an access review type

  3. From the Reviews tab, select whether you will be performing a single or multi-stage review. For each review (or review stage), select who will be performing the review. Depending on the reviewer option selected, you may need to specify individual users or groups. You may also have the option to specify a dedicated Fallback reviewer, who will be contacted if the primary user no longer exists for some reason.
  4. From the Reviews tab, configure a recurrence. Click Next when you’re finished:

Figure 8.22 – Configuring reviewers and their frequency

  5. From the Settings tab, you can choose to Auto apply results to resource, as well as set a default action under If reviewers don’t respond, as shown in Figure 8.23:

Figure 8.23 – New access review – Upon completion settings

  6. Also from the Settings tab, you can configure additional notification options, reminders, and a decision helper that displays the review targets’ last sign-in. Click Next: Review + create:

Figure 8.24 – Configuring advanced settings for review

  7. Enter a name and description for the review and click Create.

Once an access review has been created, it will adhere to the schedule you configured. Users will be notified via email when they have pending actions to review.

You can also view the history of performed access reviews by selecting Review History under Access reviews, as shown in Figure 8.25. You can create a new report of access reviews by selecting New report and choosing the date range and types of reviews and outcomes you want to inventory:

Figure 8.25 – Review History
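
The review configured in the portal above can also be written as the request body for Microsoft Graph's access review definitions endpoint. The following is an added example, not from the original text: it builds that body offline for a single group and checks the completion settings shown in Figure 8.23. The IDs are constructed placeholders, and the function names and audit rules are this example's own assumptions.

```python
import json

# Microsoft Graph endpoint that accepts this body via POST (not called here).
GRAPH_URL = "https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/definitions"

def build_review(name, group_id, fallback_user_id, guests_only=True,
                 auto_apply=True, default_decision="Deny",
                 duration_days=14, start_date="2025-01-01"):
    """Build an accessReviewScheduleDefinition body for one group."""
    members = f"/groups/{group_id}/transitiveMembers"
    if guests_only:  # portal scope: Guest users only
        members += "/microsoft.graph.user/?$count=true&$filter=(userType eq 'Guest')"
    def q(path):
        return {"query": path, "queryType": "MicrosoftGraph"}
    return {
        "displayName": name,
        "scope": q(members),
        "reviewers": [q(f"/groups/{group_id}/owners")],
        "fallbackReviewers": [q(f"/users/{fallback_user_id}")],
        "settings": {
            "instanceDurationInDays": duration_days,
            # Recurrence: every 3 months, no end date
            "recurrence": {"pattern": {"type": "absoluteMonthly", "interval": 3},
                           "range": {"type": "noEnd", "startDate": start_date}},
            "autoApplyDecisionsEnabled": auto_apply,
            "defaultDecisionEnabled": default_decision is not None,
            "defaultDecision": default_decision or "None",
            "mailNotificationsEnabled": True,
            "reminderNotificationsEnabled": True,
            "recommendationsEnabled": True,  # decision helper (last sign-in)
        },
    }

def audit(definition):
    """Return findings for settings that let unreviewed access persist."""
    s, findings = definition["settings"], []
    if not s["autoApplyDecisionsEnabled"]:
        findings.append("results not auto-applied")
    if not s["defaultDecisionEnabled"]:
        findings.append("no action when reviewers don't respond")
    elif s["defaultDecision"] == "Approve":
        findings.append("non-response approves access")
    if not definition["fallbackReviewers"]:
        findings.append("no fallback reviewer")
    return findings

if __name__ == "__main__":
    # Constructed placeholder IDs, not real directory objects.
    body = build_review("Quarterly guest review", "<group-object-id>", "<user-object-id>")
    print(json.dumps(body, indent=2))
    print(audit(body) or "no findings")
```
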

Next, we’ll look at some of the Azure Identity Protection features.
