The original post: /r/cybersecurity by /u/desiboyy on 2024-12-27 05:14:59.
I’m an IT Auditor currently working on an Access Management audit for one of the modules in eGRC Archer. I asked the auditees to share a system-generated user list to check provisioning/de-provisioning. They informed me that Archer doesn’t have a direct feature to generate this list and that the group they are using to manage users for this module is not linked to Active Directory, even though users are using enterprise IDs and other firm configurations like SSO are set up. Since this group is not linked to AD, I can’t obtain the list from other sources within the firm. Has anyone encountered a similar situation before, and is there a legitimate reason for not linking the group to Active Directory?
You must log in or register to comment.