If you identify a termination issue for a user at the application and that user was not caught on the User Access Review for that application (a reviewer approved access is appropriate), does the entire UAR fail based off one reviewer?? Am I then obligated to check all other applications UARs this user has access to? If so, and they were approved in all those reviews (same reviewer who made the mistake) does each application UAR fail? Seems like overall for fault of 1 out of 1000 reviewers..?

like
Posting as :
works at
You are currently posting as works at

Reviewers competence is now in question so you've gotta dig on that (by potentially failing the entire UAR)

like

I think that a reviewer performing the UAR incorrectly is reason to investigate further. What's the root cause of this missed user? How many other users did this particular reviewer review? Are those other users correct?

How do you test your UAR? Do you look at approvals by sampling 25? Or maybe do you sample by reviewers by sampling 25?

Whether you do or don't, this one instance would call into question the overall review. If you sample approvals, you may consider this one as an exception so you might be able to sample 40 approvals (or whatever your guidance is) to determine if this is a random or systemic exception.

like

Related Posts

Does anyone have a resume writer or career coach they could recommend? Feel free to PM if easier!

like

Considering buying Breitling Navitimer 41. Thoughts?

Post Photo
like

Could you seriously date someone who isn't on the same financial level as you?

like

Anyway to slim down legs; just want to smooth out this massive imbalance that the body seems to favor to the downside

like

Hi! Can anyone here help with a referral to Liberty Mutual?

A former studio I worked for submitted some my work for consideration for an award, but I’m mis-attributed in the awards credits for something I didn’t do. What should I do?

How much would a CD earns in an Singaporean agency?

This time last year, I was making 70k without bonus potential. Tomorrow, I am putting in my notice and I will be making 110k with potential bonuses. Remember to take care of you.

likeuplifting
like

why is everyone moving to Seattle?

like

Anyone know what happens to staff 2 on a PIP who shows no improvement? Will EY let them go or just not promote until they decide to leave on their own?

like

Hi everyone,

I created a Web API project on .Net 6 and hosted it on GitHub. But the swagger UI page is not loading.

Does anyone have any ideas to resolve this issue?

I tried to find the solution but couldn't get it.

I enabled the CORS policy and also added code for the production environment.

Please help.

like

5 good product based company for .NET profile, appreciate your insight!

like

Anyone work at Guidehouse and know next year’s benefits? Have job offer but they won’t tell me if benefits will be the same for 2023.

like

Ya’ll take ya vitamins today?

likehelpful

8/26 check in

Active rest day today. Need to hit 10147 dynamic step goal on garmin to maintain my streak - 6 days done, earlier best was 21 days, todays day 7

like

PPMDs, if an employee comes to you and ask for support to join a different group within the firm and the employees ends up not getting the other role, do you typically treat them differently after (e.g., not staffing them on as many deals) / would you hold them back from promotion the following year?

like

Hi, I need referral in HPE, I have the job Id, Please DM

like

Hi I work at Accenture Strategy & Consulting in Management Consulting - Capital Market Practice. I have 5.5 years of experience in Capital Market Consulting. Have worked with Investment Banks, CSDs, Clearing Houses, Exchanges. Have worked on RFI, RFP, PM, Requirements Gathering, BRDs , FSDs. Waterfall to Agile implementation etc.
I am MBA- Finance and did Computer Engineering in UG.
I am looking for a change and looking for opportunity in Strategy or Management Consulting. Kindly refer me.

like

Additional Posts in Risk Assurance

Does anyone still have an active Becker account that I could borrow for 2 months to study for my REG exam? Please! Thanks!

like

Currently in Risk Assurance but have the opportunity to transfer into Deals & Strategy. Which one is better for a career long term?

like

Anyone hiring for entry level risk compliance roles?

like

How do you apply design factors to IT Audits. Just overheard someone explain 'level of aggregation' for IT Security policies by describing how many people have access to it. Why is this a thing???

like

Do you audit users with Sudo access and a log of sudo activity or just users with access to sudo?

like

Does business Process Internal Audit or IT Internal Audit make more?

like

How do you all keep up with trends in risk and internal audit?

like

Are the exit opportunities better in Internal Audit/Business Process than IT Audit? All I hear is how awful IT Audit is but don’t hear as much complaining from the business side

like

What makes more money IT Audit or IT GRC?

like

Crowe is hiring for quite a few positions across the US (Internal Audit, IT controls and cyber/digital security, Compliance,etc)… I’m a manager and would think some of these niche areas have great opportunity for new folks to excel rather quickly. Great flexibility and mobility policies. I’d be happy to chat if interested and get you directly in touch with the right people internally.

likefunny

Identifying a common process, what does this even mean 😩 please help.

like

Is anyone here in KPMG’s CRM Risk practice? If so do you know if they are still hiring??

like

Does Deloitte and PWC has a dedicated app sec pen-test team? What percent of the time do you travel? Do you guys work from home or need relocation to any place in US?

like

Mid year promotions, I found out you need to make your own case for it rather than the firm coming to you. If you think you’re ready make sure you speak up!

Is anyone here a HITRUST CCSFP? Was the exam hard?

like

I studied finance in undergrad and had a couple of internal audit internships. I only started a few month ago but I never saw myself doing IT Audit and I don’t like it thus far! Would I need to get a CPA in order to move into audit or something more finance/accounting oriented like FDD, Valuation, etc.? (Still need to get to 150, thinking of doing an online MAcc)

like

Has an tested roles for SAP through productive test simulation within production? Is there any risk doing this as the test is in production?

like

What are the best exits from risk assurance? Is it possible to lateral into tech or no?

like

If anyone is looking for a referral as an experienced hire to the PwC DAT (Digital Assurance & Transparency - formerly Risk Assurance) practice let me know and would be happy to refer you. We are actively looking to hire.

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal