> ## Documentation Index
> Fetch the complete documentation index at: https://docs.serval.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Reviews

> Review current and historical access across all roles and applications

Review who has access to applications, track access history, and export logs for compliance. Download just-in-time (JIT) access history by role or team, or build workflows to automate recurring reviews.

***

## Common Review Use Cases

Access reviews answer critical security and compliance questions:

* Review which users received JIT access to applications
* Track when access was granted or revoked
* Export access logs for SOC 2, ISO 27001, or other compliance audits
* Track access anomalies or policy violations
* Review departing employee access history to verify all permissions were revoked
* Generate JIT access reports for compliance frameworks
* Identify frequently requested roles and analyze whether temporary access is extended unnecessarily

***

## Review Access by Role

View all users who have been provisioned access to a specific role, including both current and historical access.

### Access role-level logs

<Steps>
  <Step title="Navigate to the role">
    Go to **Applications** → select the relevant application → select the role
  </Step>

  <Step title="Open request logs">
    Click the **Request Logs** tab
  </Step>

  <Step title="Review access history">
    The logs show:

    * Users with current access
    * Users who previously had access
    * When access was granted and revoked
    * Who approved each request
  </Step>

  <Step title="Export if needed">
    Click the **Download** button to export as CSV for further analysis
  </Step>
</Steps>

### What's included in role-level logs

The download includes:

* User name and email
* Access start and end dates
* Request and approval timestamps
* Approver information
* Access status (active, expired, revoked)

***

## Review Access Across Teams

Generate comprehensive access reports across all applications and roles in your organization.

### Access organization-wide logs

<Steps>
  <Step title="Navigate to analytics">
    Go to **Analytics** → **Tickets**
  </Step>

  <Step title="Download access data">
    Click the **Download** button to export all access and ticket data
  </Step>

  <Step title="Review the export">
    The CSV includes both ticket and access log data for complete visibility into your access management
  </Step>
</Steps>

### What's included in role-level log exports

Role-level exports from the access portal include additional compliance and audit details:

* Provisioning and deprovisioning timestamps
* Approval chain details (who approved and when)
* Policy name and access duration
* Justification provided by the requester
* Revocation reason (expired, manually revoked, or offboarded)

These fields are designed for compliance teams preparing SOC 2, ISO 27001, or other audit evidence.

### What's included in organization-wide logs

The export contains the following columns:

**Ticket information**

* Ticket ID, Ticket Number, Team
* Ticket Name, Description
* Created At, Completed At, Escalated At

**Assignment and status**

* Created By, Assigned To
* Status, Escalation Level, Priority

**SLA tracking**

* SLA Started At, SLA Breaches At

**Additional context**

* Labels, Workflow Calls, AI Feedback

<Tip>
  Use spreadsheet pivot tables or filters to analyze the data by team, date range, or ticket type. This helps identify trends and bottlenecks in your access management process.
</Tip>

***

## Automate Access Reviews with Workflows

Build recurring workflows to automate access audits and maintain continuous compliance.

### Example workflows

<CardGroup cols={2}>
  <Card title="Weekly admin access review">
    **Trigger:** Every Monday at 9am

    **Action:** Export all active admin access, send to security team for review
  </Card>

  <Card title="Monthly compliance report">
    **Trigger:** First day of each month

    **Action:** Generate access logs for all applications, send to compliance team
  </Card>

  <Card title="Daily inactive access alert">
    **Trigger:** Daily check

    **Action:** Identify users with access but no activity in 90 days, notify managers
  </Card>

  <Card title="Weekly contractor expiration review">
    **Trigger:** Every Monday

    **Action:** Generate access report for contractors ending within 7 days, notify managers
  </Card>
</CardGroup>

### Building an access review workflow

<Steps>
  <Step title="Navigate to workflows">
    Create a new workflow
  </Step>

  <Step title="Define review frequency">
    Decide how often to run the review (daily, weekly, monthly, quarterly)
  </Step>

  <Step title="Select scope">
    Choose whether to review specific roles, applications, or all access
  </Step>

  <Step title="Set up notifications">
    Configure who receives the review results (security team, managers, compliance)
  </Step>

  <Step title="Add remediation steps">
    Define what happens when issues are found (create tasks, send alerts, auto-revoke)
  </Step>
</Steps>

[Learn more about building custom workflows](#)

***

## Best Practices

<CardGroup cols={2}>
  <Card title="Review sensitive access frequently" icon="shield">
    Admin and production access should be reviewed weekly or monthly. Standard user access can be reviewed quarterly.
  </Card>

  <Card title="Export logs regularly" icon="download">
    Download access logs even if you're not actively auditing. This creates a historical record for compliance.
  </Card>

  <Card title="Automate where possible" icon="robot">
    Use workflows to generate reports automatically. This ensures reviews happen consistently without manual effort.
  </Card>

  <Card title="Act on findings quickly" icon="bolt">
    When reviews reveal unexpected access, revoke it immediately and investigate how it was granted.
  </Card>

  <Card title="Document review processes" icon="file-lines">
    Write down your review cadence and who's responsible. This helps during audits and ensures nothing falls through the cracks.
  </Card>

  <Card title="Track trends over time" icon="chart-line">
    Compare access logs month-over-month to identify growing security risks or opportunities to tighten controls.
  </Card>
</CardGroup>

***

## Supports Compliance Frameworks

Serval can be used to satisfy requirements for common compliance frameworks:

<AccordionGroup>
  <Accordion title="SOC 2 Type II" icon="certificate">
    **Requirement:** Regular access reviews and documentation of access controls

    **How Serval helps:**

    * Export access logs as audit evidence
    * Demonstrate that access is reviewed regularly
    * Show that access is granted based on policies
    * Prove that temporary access is automatically revoked
  </Accordion>

  <Accordion title="ISO 27001" icon="stamp">
    **Requirement:** Access control policy and regular access rights reviews

    **How Serval helps:**

    * Document access policies for each role
    * Generate access reports for periodic reviews
    * Track all changes to access permissions
    * Maintain audit trail of approvals
  </Accordion>

  <Accordion title="GDPR" icon="scale-balanced">
    **Requirement:** Demonstrate appropriate technical and organizational measures for data access

    **How Serval helps:**

    * Show who has access to systems containing personal data
    * Prove access is limited to authorized individuals
    * Document justifications for access requests
    * Track when access is granted and revoked
  </Accordion>
</AccordionGroup>
