Skip to main content

GUEST/IDM/CONNECT

Setting up Audits

CONNECT allows organization to set up audits by access group on a Annual, Semi-Annual, Quarterly, or Monthly basis. If an access group does not need to be audited then it can be excluded as well. Audits are used to ensure that the identities/users with access should have access. Unless it was previously transferred the ACRM (Access Control Manager) or ACR (Access Controller) that approved/assigned the access will be responsible for the audit.

Default Audit Frequency

The default audit frequency is set via the CONNECT >Configuration>Audits page. It defines the audit frequency that will be assigned to any new access group brought up from the access control system.

Note

Set this value before Access Groups are initially brought up from the access control system to prevent having to update the access groups later.

Exclude Access Groups from Audits

The user can exclude access groups from being audited by unchecking the Is auditable option for the access group. This can be done - either by individual access group or in bulk - via the CONNECT > Configuration > Access Group page.

To configure per access group:

  • Navigate to the CONNECT > Configuration > Access Groups page.

    audits_1.png

  • Select the access group that require updating by selecting the tick box on the right of the screen.

    audits_3.png

  • Next click the Edit button in the upper right corner.

    audits_2.png

  • Alternatively to the last 2 steps, the user can select the access group that requires updating by clicking on its name on the left of the screen, which automatically navigates to the Access Group edit page.

    Set_up_audits_selection_click.png

  • On the Access Group page, under the Connect section, uncheck the Is auditable tick box.

    audits_4.png

  • Click the Save button to apply the settings.

To configure in bulk:

  • Navigate to the CONNECT > Configuration > Access Groups page.

    audits_1.png

  • Select the multiple access groups that require updating by selecting the tick box on the right of the screen.

    audits_5.png

  • Next click the Edit button in the upper right corner

    Note

    The number of selected access groups are highlighted in the Current Selection window.

    multiple_selection_access_groups.png

  • On the Access Group page, under the Connect section, uncheck the Is auditable tick box.

    Multiple_selection_uncheck.png

  • Click the Save button to apply the changed settings to all selected Access Groups in one go.

Set Audit Frequency

Once all the access groups that should not be audited have been excluded it time to ensure the remaining have the correct audit period.

  • Navigate to the Access Groups page under CONNECT > Configuration.

  • Select individual or multiple Access Groups that require the ability to be auditable.

  • Next click the Edit button in the upper right in the current selection section.

    audits_2.png
    multiple_selection_access_groups.png

  • Make sure the Is Auditable tick box is selected for all applicable access groups.

    audits_6.png

  • On the Access Group page, under the Connect section select the correct Audit Frequency from the drop down box.

    • Monthly

    • Quarterly

    • Semi-Annual

    • Annual

      Audit_Frequency.png

  • Click the Save button to apply the settings.

Enable Audit Campaigns

Once all the access groups are configured to the desired audit frequency and access groups that do not need to be audited are excluded, user can enable audit campaigns via the CONNECT > Configuration > Audits page.

To enable audit campaigns:

  • Navigate to the CONNECT > Configuration > Audits page.

    Note

    Toggle to the On position to be able to access the configuration settings for the Audits section

    audits_8.png

  • Under the Audit Campaigns section, toggle  On for any audit campaign that is required. User can also enable and configure 'suggestions' which suggest the outcome of the audit dependent on how long the audited identity has held the access for.

    audits_9.png

  • Click the Save button to apply the settings

Configure Audit Notifications

Notifications are configured via CONNECT > Configuration > Notifications then select the Audit section, the options include:

audits_10.png
audits_11.png

  • Initial (Day 0)

  • Reminder (Day 15)

  • Reminder (End of Audit)

  • Overdue (Daily through from Day 1 to Day 15)

Note

Notifications are only configurable for campaigns that are currently enabled.

To configure notifications:

  • Navigate to the CONNECT > Configuration > Notification then select the Audit section.

  • Expand the campaign you would like to configure.

    audits_12.png

  • Select On to enable the notification, or Select Off to disable.

    audits_13.png

  • On Day 1 of the Audit, all ACRs with active audits will receive - if enabled - a 'Start of Audit Notification' configured similar to the below example.

    Start_Of_Audit_Notification.jpg

  • On Day 15 of the Audit, all ACRs with outstanding audits will receive - if enabled - a 'Audit Reminder Notification'. On Day 31, all ACRs with outstanding audits will receive - if enabled - a 'Audit Reminder Notification' configured similar to the below example.

    Audit_Notification_Reminder.jpg

  • For the 15 days after the Audit, all ACRs with outstanding audits will receive - if enabled - a 'Audit Notification Overdue Reminder' configured similar to the below example.

    Audit_Notification_Overdue_Reminder.jpg
In this section: