Hi all,
Looking for advice /best practice here.
We launch quarterly access reviews for some applications. Sometimes, before a supervisor gets around to do the review an employee has already left and access has been removed based on normal termination procedures. When the supervisor gets around and marks the users access to be revoked in the review we have it set to a manual fulfillment and it emails the help desk.
Right now, the help desk are getting emails to remove access for users that have already been removed, due to the delay in completing the review.
What is the best way to check that the access is still there before sending the remove email?
By using the refresh items functionality you can lower the occurrence of such cases.
You also have a refreshReview API which you can leverage (instead of performing a manual refresh).
For example, at night after collectors have ran, schedule an API request to refresh the review results.