GOV-03Advanced
How to Fix: Conduct Quarterly Privileged Access Reviews
Step-by-step guide to implement conduct quarterly privileged access reviews in your Microsoft 365 environment.
20-30 minutes
Estimated Time
4
Steps
high
Severity
Enhanced Security
Baseline Level
Why This Matters
Over time, users accumulate privileges they no longer need. Access reviews force managers to justify each privileged assignment, preventing privilege creep and reducing risk from over-entitled accounts.
Prerequisites
- 1Global Administrator or appropriate admin role in Microsoft Entra ID
- 2Access to Microsoft Entra admin center (entra.microsoft.com)
- 3Microsoft Entra ID P2 license
Expected Configuration
- Access reviews for all privileged roles are scheduled quarterly
- Self-attestation is disabled for Global Admin and other high-privilege roles
- Unreviewed access is automatically removed after 30 days
Remediation Steps
1
Review Current Configuration
Assess your current configuration in Microsoft Entra admin center.
- •Navigate to the relevant section in Entra admin center
- •Document current settings
- •Compare against expected state
2
Plan Implementation
Determine the changes needed to meet the expected configuration.
- •Review expected configuration requirements
- •Identify affected users or resources
- •Plan rollout strategy
3
Implement Changes
Apply the necessary configuration changes.
- •Make required configuration updates
- •Apply to appropriate scope
- •Document changes made
4
Validate and Monitor
Verify the changes are working as expected.
- •Run TrueConfig scan to verify compliance
- •Test affected functionality
- •Set up ongoing monitoring
Related Resources
Automate Your Security Configuration
TrueConfig continuously monitors your Microsoft 365 environment and can automatically fix configuration drift. Start your free trial today.
Start Free Trial