Quarterly Access Review

A recurring review that removes stale and over-broad access before it becomes the path an attacker or mistake takes.

IT & Security, 6 steps

When to use

Quarterly, and after any wave of departures or role changes.

Trigger
Runs when: Quarterly access-review cycle

The procedure

  1. Pull the current access list per system, especially admin and production access.
  2. Confirm every account maps to a current employee or service that still needs it.
  3. Remove access for departed people and revoke anything beyond what the role needs.
  4. Verify MFA is on everywhere it should be and flag exceptions.
  5. Have system owners attest that the remaining access is correct.
  6. Record the review, the removals, and the attestations.
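
Steps 2 to 4 as a reconciliation script, added here as an example and not part of the original SOP. The CSV columns, the roster and service-registry shapes, and the read/write/admin ranking are assumptions; all sample data is constructed.

```python
import csv, io

# Constructed sample export: one row per account per system (not real data).
ACCESS_CSV = """account,system,privilege,mfa
alice,aws-prod,admin,on
bob,aws-prod,admin,on
carol,github,write,off
dave,aws-prod,write,on
svc-backup,aws-prod,admin,n/a
svc-legacy,github,admin,n/a
"""
# Assumed HR roster: current employee -> highest privilege the role needs, per system.
ROSTER = {"alice": {"aws-prod": "admin"}, "carol": {"github": "write"},
          "dave": {"aws-prod": "read"}}
# Assumed service registry: service account -> current owner.
SERVICES = {"svc-backup": "alice"}
RANK = {"read": 0, "write": 1, "admin": 2}

def review(access_csv, roster, services):
    """Return (account, system, action) findings, highest privilege first."""
    findings = []
    for row in csv.DictReader(io.StringIO(access_csv)):
        acct, system, priv = row["account"], row["system"], row["privilege"]
        owner = services.get(acct)
        if owner is not None:
            # Step 2: a service account is valid only while its owner is current.
            if owner not in roster:
                findings.append((RANK[priv], acct, system, "remove: owner departed"))
            continue
        if acct not in roster:
            # Step 3: no current employee or owned service behind the account.
            findings.append((RANK[priv], acct, system, "remove: no current owner"))
            continue
        needed = roster[acct].get(system)
        if needed is None or RANK[priv] > RANK[needed]:
            # Step 3: access beyond what the role needs.
            findings.append((RANK[priv], acct, system, f"revoke: role needs {needed or 'none'}"))
        if row["mfa"] != "on":
            # Step 4: a human account without MFA is an exception to flag.
            findings.append((RANK[priv], acct, system, "flag: MFA off"))
    findings.sort(key=lambda f: -f[0])  # stable sort: admin findings surface first
    return [f[1:] for f in findings]

if __name__ == "__main__":
    for finding in review(ACCESS_CSV, ROSTER, SERVICES):
        print(*finding, sep="\t")
```

The findings list is the input to steps 5 and 6: owners attest to whatever is not flagged, and the list itself is the record of removals.
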
Outputs
  • A reviewed access list per system
  • Stale and over-broad access removed
  • Owner attestations on record
Tools
  • Identity / SSO
  • Access log
  • Spreadsheet
Note: The riskiest accounts are the ones nobody owns anymore. The review exists to find and close them before someone else does.
