Manage quarterly user access reviews (UARs), enforce role-based access controls (RBAC), and identify segregation of duties (SoD) conflicts. Every control is mapped to ISO 27001, NIST CSF, and SOC 2.
ISO 27001:2022 · NIST CSF 2.0 · SOC 2 Type II · UAR · RBAC · SoD · A.8.2 · A.5.15 · CC6.2
Add User for Review
Enter user details to add them to the current access review cycle
# | Name | Department | Role / Access | Last Access | Days Inactive | Risk | UAR Status | Actions
No users added yet. Add your first user above to begin the access review.
Segregation of Duties (SoD) Conflict Matrix
Identifies incompatible role combinations that violate SoD principles. Mapped to ISO 27001 A.5.15, NIST PR.AC-04, and SOC 2 CC6.3.
Conflict — SoD violation
Caution — compensating control required
Acceptable
Active SoD Conflicts in Current Review
Users in your access review list whose roles create SoD conflicts
📎 Framework References
ISO 27001:2022 A.5.15 — Access control policy
ISO 27001:2022 A.5.16 — Identity management
ISO 27001:2022 A.8.2 — Privileged access rights
NIST CSF 2.0 PR.AC-04 — Access permissions managed with least privilege
NIST CSF 2.0 PR.AC-05 — Network integrity protected, incorporating network segregation
SOC 2 CC6.3 — Role-based access and least privilege enforced
SOC 2 CC6.2 — User access provisioned and removed timely