Launch a security access review
Early Access release. See Enable self-service features.
This topic describes the considerations and steps to launch a security access review from the Admin Console.
Before launching a security access review, keep these considerations in mind.
- Only super admins or custom admins with the Manage security access reviews (okta.governance.securityAccessReviews.admin.manage) and View users and their details permissions can launch security access reviews.
- Use security access reviews for targeted, on-demand review of user access based on security events or incidents. For broad, scheduled compliance audits, use Access Certifications campaigns instead. See Campaigns.
- You can also launch a security access review using the API. Decide if reviews should be launched manually during an incident or triggered automatically by API (using a delegate flow) in response to events. See Initiate security access reviews.
  For example, if you're subscribed to Identity Threat Protection, you can specify entity risk policy rules to trigger a delegated flow that takes a custom action as a response to risk detections. In this case, you can specify a delegated flow that triggers a security access review in the entity risk policy.
- By default, Okta automatically applies governance labels like Crown Jewel and Privileged to your most critical apps and entitlements. The review uses these labels to accurately calculate risk and prioritize the most sensitive access for the reviewer. If you have Labels enabled for your org and you've configured custom labels, they're displayed in the security access review as well.
- You can specify a maximum of 10 users as reviewers. The action that a reviewer takes on a review item is captured automatically in the review's history.
- The reviewer assigned to the security access review shouldn't be the same user whose access is being reviewed.
Also, keep these considerations in mind for reviewers:
- Reviewers are automatically assigned to the Okta Security Access Reviews app. They must have access to this app to be able to review and act on user access in a security access review from their dashboard.
- Reviewers can use the AI summary for quick risk assessment and the activity logs for deep dives.
  The AI-generated summary is available in reviews only if the Access Certifications - AI summary for Security Access Reviews feature is enabled for the org. This is also an Early Access feature.
- Reviewers can only take revoke and restore actions on the review and resources in the review while a review is active.
- Reviewers can use the comments feature to maintain a clear audit trail and to communicate key findings between analysts, especially during shift handovers.
- Okta doesn't delegate security access reviews to the reviewer's delegate.
Start this task
- In the Admin Console, go to .
- Click Create review.
- Enter a name for the review. This name is visible to reviewers.
- Search for and select the user whose access to resources needs to be reviewed.
- Search for and select up to 10 users who should be assigned as reviewers. You can't assign the user whose access is being reviewed as the reviewer.
- Specify an end date for the review. The default duration of the review is seven days.
- Click Launch review. The security access review may take a few minutes to launch.
When the review launches, reviewers receive an email with a link to the security access review. They can also see the security access reviews assigned to them and take actions on them from the Okta Security Access Reviews app on their dashboard or using an API.
If the reviewers are super admins or custom admins with the Manage security access reviews and View users and their details permissions, they can view and take action on all active security access reviews listed on the Security Access Reviews tab. However, in the Okta Security Access Reviews app, only the security access reviews that are assigned to them are available.
Related topics
Manage Security Access Reviews