Define Review Master
Review Master is a review request created or scheduled by the User. Submitting requests for reviews provides a fully consolidated view of users' access and entitlements available in the Sectona's Privileged Access Management to the higher authorizations.
Users can formulate the request by applying different data filters. For example, if the User requires to review all users having administrator role, attributes can be selected similarly, say User role = Administrator.
Users can view the status of the review, such as "Pending from Approval," "Pending for Operations," or "Completed." Notification alert via email is received after completion of each level.
PAG administrator initiates review for User access
Privilege Account Governance allows users to login PAM, switch to PAG, and create a User access review request. This request includes details like who will be the approver, Operational Manager, scheduler (if required). Once these parameters are filled, apply the data filter so that all the users you wish to request for review are selected. For example, Department = Accounts. Save the configuration and wait for the approver and Operational manager to complete their job. Once their job is done, email notification for review submitted will be received, and the status of the request will be shown as “Completed.”
Creating a request for user access review
To create a request for User Access Review in Privileged Account Governance you need to perform following actions:
Log in to Sectona → Go to Privileged Account Governance
Go to Manage → User Access → Click on +New
Specify the Review Name → Set the Scheduler, recurrence and validity
Set the level of Approval
Select approvers in the 'Approver' field.
Select the approver and set the Level as '1' in the adjacent "Level" field. This is the first approver (level 1) the request will go to.
Similarly, Select a new approver and set the Level as '2' in the adjacent "Level" field. This is the second approver (level 2) the request will go to, if the level1 approver approves the request.
Similarly, you can define multiple levels and multiple approvers by selecting an approver and defining his respective "Level".
Check the Active checkbox.
Click on Save button.
PAG administrator initiates review for Entitlement
Privilege Account Governance allows administrators to log in to PAM, switch to PAG, and create an entitlement review request. This request includes details like instance name, which specifies which instance will be reviewed, who will be the approver, Operational Manager, schedular(if required). Once these parameters are filled, apply the data filter so that all the accounts you wish to request for review are selected—for example, Account name = admin. Save the configuration and wait for the approver and Operational manager to complete their job. Once their job is done, email notification for review submitted will be received, and the status of the request will be shown as “Completed.”
Creating a request for entitlement
To create a request for User Access Entitlement in Privileged Account Governance you need to perform following actions:
Log in to Sectona → Go to Privileged Account Governance
Go to Manage → Entitlement → Click on +New
Specify the Review Name → Set the Scheduler, recurrence and validity
Set the level of Approval
Select approvers in the 'Approver' field.
Select the approver and set the Level as '1' in the adjacent "Level" field. This is the first approver (level 1) the request will go to.
Similarly, Select a new approver and set the Level as '2' in the adjacent "Level" field. This is the second approver (level 2) the request will go to, if the level1 approver approves the request.
Similarly, you can define multiple levels and multiple approvers by selecting an approver and defining his respective "Level".
Check the Active checkbox.
Click on Save button.
Editing user access and entitlement review
To verify if user is able edit user access review, you need to perform following actions:
Log in to Sectona → Go to Privileged Account Governance
Go to Manage → Click on User Access or Entitlement
Choose any of the review created, click on Action arrow → Click on Edit
Edit review accordingly and click on Update button