Two new review analysis have been introduced in the RSA Identity Governance and Lifecycle 7.2 release:
This new category finds any access that has not been reviewed by any reviewer in any review. This helps reviewers to identify items that have never been reviewed in their list and take appropriate actions. Other review items will likely have similar review actions to previous reviews unless a user's role or status has changed.
Exceptional access given for access raised as a violation will be flagged by this category if the expiration date is within 30 days (default) from the time of the review generation. The default value can be overridden by navigating to Admin->System->Settings. This allows reviewers to review the access and make a decision before the access expires and goes through another round of remediation.
These new categories can be configured from the Analysis & Guidance page of the review definition along with the other existing categories:
For additional information on this update – please check out this additional context: