Adding an access review
Roles and permissions
The following roles can add an access review:
Administrators
Compliance managers
Hyperproof access reviews allow you to track and manage user access to applications and sensitive information at your company. See Access review workflow for an overview of the access review process.
When you create an access review, you can designate who the primary contact is or you can allow it to default to you as the person creating the access review. The primary contact is the person who should be contacted for questions or issues related to the access review. The primary contact is not granted any special permissions, except that they cannot be removed from the access review.
To add a new access review:
From the left menu select, Access reviews.
On the Access reviews page, click the + New button.
The New access review window displays.
In the Name field, enter a unique name for this access review.
In the Description field, enter any additional details you need to record about this access review. This field is optional.
In the Primary contact field, select a user in your organization to own this access review. This field defaults to the user creating the access review.
Note
The user who creates the access review and the Primary contact could be different users in your organization. Both are added to the access review as managers.
In the Application reviews due field, select the date the user reviews should be completed. This date is used to generate review tasks and send reminders to reviewers with outstanding items. See Access review email notifications and reminders
In the System updates due field, select the date the system updates to user access should be completed. This date is used to generate system update tasks and send reminders to sysadmins with outstanding items. See Access review email notifications and reminders.
The Deliver review tasks via field is populated with the delivery method chosen in the source access review.
Options include:
Email - Notifications are delivered via the email address stored for the user in Hyperproof.
Integration - If you have configured task integration with an external application, such as Jira, linked tasks are created both in Hyperproof and the external application. Both tasks contain a direct link to the reviewer window. Be sure that you have completed the integration configuration before selecting it to deliver access review tasks. See Integrations.
If you chose Integration in the Deliver review tasks via field, select the integration you want to use. If requested, enter the credentials for the integration and complete any other required fields.
In the Deliver update tasks via field, select the delivery method for new update task notifications. These notifications contain a direct link to the sysadmin update window. The assignee must be logged in to Hyperproof to access their tasks. Update tasks and notifications are created the day after the Application reviews due date if the associated review tasks are complete. See Access review tasks.
Options include:
Email - Notifications are delivered via the email address stored for the user in Hyperproof.
Integration - If you have configured task integration with an external application, such as Jira, linked tasks are created both in Hyperproof and the external application. Both tasks contain a direct link to the sysadmin attestation window. Be sure that you have completed the integration configuration before selecting it to deliver access review tasks. See Integrations.
If you chose Integration in the Deliver update tasks via field, select the integration you want to use. If requested, enter the credentials for the integration and complete any other required fields.
Click the Create button.
Hyperproof creates the access review and displays its dashboard.