Status: Pending implementation
Security and governance teams need a continuous view of access quality, not just point-in-time approvals. UMS must calculate access health, highlight stale or excessive access, and recommend the next best governance action.
| Actor | Responsibility |
|---|---|
| Security Administrator | Reviews the access health signals and thresholds. |
| IGA Administrator | Uses recommendations to launch cleanup or review actions. |
| Auditor | Reviews the health trend and the remediation trail. |
If the system does not have enough signals to compute a reliable score, it shows the limitation clearly.
If the score crosses a critical threshold, the system highlights the accounts or packages that need immediate review.
If the access is healthy, the system explains why and keeps the score visible for trend monitoring.
| Rule | Description |
|---|---|
| BR-01 | The access health score must be explainable. |
| BR-02 | Recommendations must be derived from observable access and audit signals. |
| BR-03 | The system must not auto-remove access unless policy explicitly allows it. |
| BR-04 | High-risk trends must be visible before they become incidents. |
| BR-05 | Health scoring must be auditable and repeatable for the same dataset. |
| # | Acceptance Criterion |
|---|---|
| 1 | An actor can see a health score for access within a tenant or scope. |
| 2 | The system explains the signals that influenced the score. |
| 3 | The system recommends a next governance action. |
| 4 | The actor can use the recommendation to launch a review or cleanup flow. |
| 5 | Healthy and risky access states are visible over time. |
| Type | References |
|---|---|
| Domain Entities | AuditRecord, Profile, Role, ApprovalRequest, AccessEnforcementPolicy |
| Functional Stories | FS-16, FS-28, FS-31, FS-32 |
| ADRs | ADR-0016, ADR-0033, ADR-0066 |