IAM Concepts

Attestation

Diagram representing a glossary term in Oasis Security, illustrating key concepts in non human identity management

What is Attestation?

Access attestation, also known as access recertification or entitle review, enables you to review and validate the access privileges of your users regularly. This ensures their access rights are still necessary, appropriate, and compliant with your organization's policies and regulations.

The primary objective of attestation is to mitigate the risk of unauthorized access and reduce the potential for data breaches or compliance violations. By conducting regular access reviews, you can promptly identify and address any gaps or vulnerabilities in your access control systems. 

This proactive approach safeguards your sensitive data and helps you demonstrate compliance with industry regulations and standards.

Moreover, attestation involves systematically evaluating user permissions, entitlements, and organizational roles. During the recertification process, you collaborate with the relevant stakeholders, including business unit managers, data owners, and system administrators, to ensure that each user's access privileges align with their job responsibilities.