Completing Assigned Access Reviews

Access reviews are a centralized, streamlined way to manage and verify account access. App owners and other reviewers can view all access reviews they’ve been assigned to from the Access page within the 1Password SaaS Manager dashboard. Administrators have a more comprehensive view of access reviews. See Administrating access reviews for more information.

Reviewers will get notified when reviews become active and when they’re due. Notifications are available via email and slack and you can manage notification preferences from the Notifications section of the Settings page within your SaaS Manager dashboard. 

After reviewing account access, you can export your reviews to share with auditors or other stakeholders as needed.

View account data

There are a number of options for viewing and sorting account data within an access review. From the Access page within your SaaS Manager dashboard, select an assigned review for a more granular view of its data.

Account data for access reviews for access reviews comes from a variety of sources. For example, data may come from an IdP, directly from apps via an integration, manual imports, or log-in information from browser extensions or SAML. SaaS Manager ranks these various sources by trustworthiness and displays them in their ranked order in the “Sources” column of your access reviews. The “Last updated” column displays a rough status based on information from these sources. 

Green dots in the “Last updated” column indicate that account data from the associated app is considered both trustworthy and up-to-date. Orange dots in this column indicate that account data may be out of date or otherwise potentially needs attention. Red dots indicate that either account data is not recent and or there’s another issue that needs to be addressed. If an application is showing potential issues, select it to visit that application directly from the access review and investigate what issues may need to be addressed. 

Select an access review from the Access page, and you can sort information within that review. Use the Users or Reviewer drop-down menus, or select More filters to open the “Filter applications” sidebar. From here, you can choose a number of filtering options. For example, you can sort by team, number of accounts, access risk, application status, offboarding policy, visibility in app catalog, reviewer, or a number of other options. Scroll through the “Filter applications” sidebar to choose which filter option or options to apply. Select Apply to save your choices or select Clear to remove these filters at any time. 

You can also select a specific application within an access review to view more information about it and its accounts. For example, within a selected application you can see account names and emails, access level, whether any issues have been flagged, and whether accounts have been accepted or if an action is needed. To customize which information is displayed, select the ellipses at the top of the access review page and then select Choose columns. You can also filter your view with the same filtering options available on the top-level access review page. 

Filtering information or changing which columns you view within SaaS Manager will not affect the information included in exported review files.

Act on account data

Account data generated by access reviews includes information such as last login date, employment details such as start and termination dates as well as job title, system information, and financial date. This provides comprehensive context for making informed access decisions. 

Individual app reviews are generated within each access review. By selecting a specific app within an access review, you can take immediate action based on information generated by the review. Select the Add button in the action column and then select Change access to deactivate, suspend, delete, or change an account's access level based on your permissions and the app’s deprovisioning policy. If needed based on the access change selected, an access request will be generated and information on the request’s progress will reflect in the review. Once finished, SaaS Manager automatically records the action as completed within the app review. 

Actions can be performed individually or in bulk for multiple accounts. To make bulk changes, select the checkbox next to “Account” at the top of the app review to apply changes to all listed accounts, manually select the checkboxes next to only specific accounts, or use the available filters to display specific teams, access levels, or whichever category you want to view and apply account changes for. Select those accounts and then use the bulk action toolbar at the top-right to select and apply changes as needed. For example, you can accept access for a selected account(s) to the app by selecting the checkmark. Or, select the Add button to open a sidebar and change access levels for a selected account(s) or record a manual action. 

If you can’t automate an action through SaaS Manager, you may need to visit that app directly to make any necessary changes. In this case, select Record manual action then record what action was taken, add notes, and upload screenshots as needed to track decision making information. 

Select Done, and the Action column will reflect the changes made. 

The progress bar at the top of the access review page and at the top of app reviews within the access review reflects what actions have been completed, and how many are left to review. A solid green bar means the review is complete and action items, if any, have been successfully resolved. Any red in the progress bar indicates there are issues left to resolve and action is required. An access review cannot be marked as completed until all issues are resolved.

When all issues are resolved, select Mark complete to finish the review. Administrators will be notified when reviews are finished, and can then export reviews as needed to provide for auditors or other stakeholders.