Hello,
I’m looking for a way to help reviewers quickly determine whether an access is privileged or generic. I tried using metadata attributes to store this information on our access profiles/roles, but the metadata values don’t appear in either the access request or the review screens when a user submits a request.
Is there a way to make this classification visible to reviewers during the request and review process?
Kind regards,
You can use tags but again that doesn’t show up everywhere. You can use segments for privileged access and place all of the access profiles into one application and prefix all the access with Privileged, that’s what I ended up doing.
I don’t believe this feature exists in ISC, and it does not appear during access request approval workflows or within certification review screens where reviewers make their decisions.
Rather than adding it as a metadata attribute, consider adopting clear and consistent naming conventions for APs or roles so that the details are immediately visible to reviewers.
You can refer to this guide for recommended best practices:
Best practices: Tips for creating roles
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.