II.
Workflow overview
Reference · liveworkflow:access-control-audit
Access Control Audit overview
Reviews and validates access permissions across systems — IAM policies, RBAC roles, service account privileges, and data access grants — removing stale access and enforcing least-privilege principles. Excludes initial access provisioning.
Attributes
displayName
Access Control Audit
workflowKind
security
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Reviews and validates access permissions across systems — IAM policies,
RBAC roles, service account privileges, and data access grants — removing
stale access and enforcing least-privilege principles. Excludes initial access provisioning.
Outgoing edges
applies_to_domain2
- domain:security·DomainSecurity
- domain:cybersecurity·DomainCybersecurity
involves_role3
- role:security-reviewer·RoleSecurity Reviewer
- role:platform-engineer·RolePlatform Engineer
- role:engineering-manager·RoleEngineering Manager
performed_by_org_unit2
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:application-security-team·OrgUnitApplication Security Team
requires_skill_area2
- skill-area:k8s-rbac·SkillAreaKubernetes RBAC
- skill-area:oauth-flows·SkillAreaOAuth Flows
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:threat-modeling·ResponsibilityThreat modeling
Incoming edges
follows_workflow2
- stack-profile:compliance-audit-trail·StackProfileCompliance & Audit Trail (Go, PostgreSQL, RabbitMQ, Vault, Elasticsearch, Prometheus)
- stack-profile:identity-governance·StackProfileIdentity Governance (Keycloak, PostgreSQL, React, Go, Docker)
supports_work2
- tool:onelogin·ToolOneLogin
- tool-server:mcp-onelogin-candidate·ToolServerOneLogin MCP candidate