Create Access Reviews (Tenant Admins)

Tenant Admins play a crucial role in upholding compliance and data protection through timely, efficient Access Reviews. CoreView simplifies this process by providing customizable templates and the flexibility to assign reviewers as needed.

Creating an Access Review

Step 1: Find the Access Review page

Begin by launching the CoreView app and navigating to the “Reviews > Access Review” section.

If this is your first time visiting this area, you’ll be prompted to create your initial review—simply follow the instructions in Step 2.

After you’ve created one or more access reviews, this section will serve as your central hub for managing them. Here, you can easily track active reviews, review historical records, and gain a clear, comprehensive view of your organization’s access management activities.

Step 2: Create a new review

Next, you can initiate a new review by clicking on “Create review from template”. 

Here, you will find a selection of templates designed to suit various scenarios, such as “Teams group members” or “Mailbox permissions”. Choosing the appropriate template is crucial as it sets the foundation for the review process.

Step 3: Customize review details

In this step, you have the opportunity to tailor the review to meet your specific requirements. Start by providing a clear title and description that conveys the purpose of the review, for instance, “Marketing Teams Membership Review Q2 2025".

Additionally, incorporating tags can help you organize reviews based on department, risk levels, or specific projects. It’s also important to set the review’s priority level—be it High, Medium, or Low. For example, guest user reviews might warrant a High priority due to their sensitive nature.

Step 4: Assign reviewers

After configuring the review parameters, choose the individuals who will conduct the access review. You can assign group owners, delegated admins, or specific users as primary reviewers. The default reviewer may vary based on the template you select.

To ensure continuity, it’s recommended to also assign backup reviewers. This step helps prevent delays if a primary reviewer is unavailable. By default, the backup reviewer field displays the email address of the Tenant Admin who created the review. You can easily update this by replacing the email address as needed.

Step 5: Select resources

You will then need to define the specific scope of the review by determining which groups, mailboxes, or resources will be included. This helps ensure that the review is targeted and relevant.

Step 6: Configure timelines and notifications

Establishing timelines is the next crucial step. This includes determining the review's start and due dates. 

Additionally, you can customize notification emails to keep all stakeholders informed or opt for CoreView’s default templates if preferred.

Step 7: Finalize and submit

After reviewing all settings to ensure they align with your goals, you can finalize the review and submit it. 

Monitoring Access Reviews

Once reviews are in progress, you can easily track their status on the Access Reviews dashboard. Use the available filters to sort reviews by status and prioritize the most urgent tasks.

You can also download audit logs as needed, which are important for meeting regulatory and compliance requirements. This ongoing oversight—through filtering and auditing—is essential for maintaining effective access management and ensuring adherence to necessary standards.

Types of logs for Tenant Admins

• Via “Download log”: downloadable from the main Access Review list page within the corresponding Review box.
• Via “Progress status”: by clicking the review’s “Progress status” link, tenant admins can download a log file for each object included in the review.

Log retention

Audit logs become available only after the review is completed. Logs are retained for one year.