Syskit Point
Schedule a DemoStart a Free TrialContact UsProduct Site
  • Syskit Point
  • Releases
    • Syskit Point Cloud
      • May 13, 2025
      • May 06, 2025
      • April 29, 2025
      • April 22, 2025
      • April 08, 2025
      • April 01, 2025
      • March 25, 2025
      • March 18, 2025
      • March 11, 2025
      • March 04, 2025
      • February 25, 2025
      • February 18, 2025
      • February 11, 2025
      • February 06, 2025
      • January 28, 2025
      • January 22, 2025
      • January 14, 2025
      • January 02, 2025
      • December 17, 2024
      • December 10, 2024
      • December 03, 2024
      • November 26, 2024
      • November 19, 2024
      • November 05, 2024
      • October 29, 2024
      • October 22, 2024
      • October 15, 2024
      • October 08, 2024
      • October 01, 2024
      • September 24, 2024
      • September 18, 2024
      • September 02, 2024
      • August 26, 2024
      • August 20, 2024
      • August 12, 2024
      • August 06, 2024
      • July 29, 2024
      • July 23, 2024
      • July 02, 2024
      • June 18, 2024
      • June 04, 2024
      • May 21, 2024
      • May 09, 2024
      • April 23, 2024
      • April 9, 2024
      • March 26, 2024
      • March 12, 2024
      • February 22, 2024
      • February 06, 2024
      • January 19, 2024
      • January 18, 2024
      • December 19, 2023
      • November 30, 2023
      • November 15, 2023
      • November 2, 2023
      • November 2, 2023 - Announcement
      • October 17, 2023
      • October 3, 2023
      • September 21, 2023
      • September 14, 2023
      • September 7, 2023
      • August 23, 2023
      • August 9, 2023
      • July 26, 2023
      • July 12, 2023
      • May 16, 2023
    • Syskit Point Data Center
      • Syskit Point 2025.2
        • Syskit Point 2025.2.90
        • Syskit Point 2025.2.86
        • Syskit Point 2025.2.82
        • Syskit Point 2025.2.78
      • Syskit Point 2024.6
        • Syskit Point 2024.6.73
        • Syskit Point 2024.6.71
        • Syskit Point 2024.6.70
      • Syskit Point 2024.5
        • Syskit Point 2024.5.67
        • Syskit Point 2024.5.65
      • Syskit Point 2024.4
        • Syskit Point 2024.4.60
        • Syskit Point 2024.4.54
        • Syskit Point 2024.4.52
      • Syskit Point 2024.3
        • Syskit Point 2024.3.48
      • Syskit Point 2024.2
        • Syskit Point 2024.2.45
      • Syskit Point 2024.1
        • Syskit Point 2024.1.43
        • Syskit Point 2024.1.41
      • Syskit Point 2023.5
        • Syskit Point 2023.5.39
      • Syskit Point 2023.4
        • Syskit Point 2023.4.1
        • Syskit Point 2023.4.0
      • Syskit Point 2023.3
      • Syskit Point 2023.2
      • Syskit Point 2023.1
        • Syskit Point 2023.1.3
        • Syskit Point 2023.1.2
        • Syskit Point 2023.1.1
        • Syskit Point 2023.1.0
      • Syskit Point 2022.5
        • Syskit Point 2022.5.1
        • Syskit Point 2022.5.0
      • Syskit Point 2022.4
        • Syskit Point 2022.4.1
        • Syskit Point 2022.4.0
      • Syskit Point 2022.3
        • Syskit Point 2022.3.1
        • Syskit Point 2022.3.0
      • Syskit Point 2022.2
        • Syskit Point 2022.2.3
        • Syskit Point 2022.2.2
        • Syskit Point 2022.2.1
        • Syskit Point 2022.2.0
      • Syskit Point 2021.12
      • Syskit Point 2021.11
      • Syskit Point 2021.10
      • Syskit Point 20
      • Syskit Point 19
        • Syskit Point 19.0.2
        • Syskit Point 19.0.1
        • Syskit Point 19.0.0
  • Requirements
    • Permission Requirements
    • Change Log
  • Set Up Point Cloud
    • Overview
    • Free Trial
    • Free Trial Limits
    • Manage Syskit Point Subscriptions
  • Set Up Point Data Center
    • Deployment
      • Overview
      • System Requirements
      • Deploy Syskit Point
      • Connect to Microsoft 365 Tenant
      • Set Up Custom Domain and SSL Certificate
      • Upgrade Syskit Point
      • Azure Networking
    • Activation
      • Activate Syskit Point
      • Free Trial Data Center
  • Licensing & Activation
    • Licensed Users Count
    • Activation Privacy Statement
  • Get to Know Syskit Point
    • The Syskit Point Starter Kit
    • Navigate Through Syskit Point
    • Collect Microsoft 365 Data
  • Microsoft 365 Inventory
    • Microsoft 365 Inventory Overview
    • Explore Your Microsoft 365 Dashboard
    • Sites
    • Microsoft Teams & Groups
    • Users
    • Copilot Readiness
  • Configuration
    • Syskit Point Configuration Guide
    • Assign and Manage Access to Syskit Point
    • Enable Microsoft Teams Activity Tracking
    • Configure Storage Management in Syskit Point
    • Set Up E-Mail
    • Connect Service Account
    • Customize Audit Logs Collection
    • Upgrade SQL to Managed Identity Authentication
    • Enable Power Platform Data Collection
    • Enable Power BI Data Collection
    • Ignore Service Account Activity Tracking
    • Customize License Reports
    • Customize E-Mails
    • Report Data Limits
    • Turn On Auditing
    • Exclude Users from Receiving Governance Tasks
    • Customize Dashboard
    • Customize Syskit Point Appearance
    • Configure Your Environment for Storage Management
    • Save Custom Views
    • Audit for Syskit Point Settings
    • Manage Connection
  • Reporting
    • Overview
    • External Sharing Reports
    • Access Reports
    • Audit Reports
    • Cleanup & Health Reports
    • Licenses Reports
    • Analytics Reports
    • Sensitivity Labels Reports
    • Power Platform Reports
    • Power BI Reports
  • Storage Management
    • Storage Management Overview
    • Free Up Storage
    • Storage Reports
    • Limit Storage Usage
    • Storage Versioning Limits
  • Governance & Automation
    • Syskit Point Tasks
    • Access Review
      • Enable Automated Access Review
      • Create and Apply Access Review Policies
      • Modify Access Review Options
      • Monitor Access Review in Syskit Point
      • Manually Request Access Review in Syskit Point
    • Lifecycle Management
      • Lifecycle Management - Deprecated
      • Identify Inactive Workspaces
      • Enable Lifecycle Management Automation
      • Monitor Lifecycle Management Tasks in Syskit Point
      • Run Lifecycle Management Actions in Syskit Point
    • Policies
      • Set Up Policies
      • Rules
      • Blocked Users with Assigned Licenses
      • Inactive Guest Users
      • Inactive Workspaces
      • Minimum Number of Owners
      • Maximum Number of Owners
      • Orphaned Workspaces
      • Orphaned Users
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
      • Apply Policies
      • Upgrade to Rules
    • Security and Compliance Checks
      • Security and Compliance Checks
      • Inactive Workspaces
      • Orphaned Workspaces
      • Inactive Guest Users
      • Blocked Users with Assigned Licenses
      • Workspaces with Not Enough Owners
      • Orphaned Users
      • Workspaces with Too Many Owners
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
    • Provisioning
      • Set Up Provisioning
      • Enable or Disable Provisioning
      • Register Yammer App
      • Enable Sensitivity Labels
      • Restrict Microsoft 365 Groups Creation
      • Templates
      • Content & Structure
      • Configure Provisioning Failure Notifications
      • Approval Processes
      • Approve/Reject Requests
      • Manage Requests
      • Hide Workspace Name
    • Access Requests
      • Set Up Access Requests
      • Create Access Requests
      • Apply Access Requests
      • Approval Process
    • Metadata
      • Manage Custom Metadata
      • Request Metadata Review
      • Monitor Metadata Review
    • Sensitivity Review
      • Request Sensitivity Review
      • Monitor Sensitivity Review
    • Privacy Review
      • Request Privacy Review
      • Monitor Privacy Review
    • Syskit Point Teams App
    • Schedule Reports
    • Configure Alerts
    • Manage Sensitivity Labels
  • Access Management
    • Track Microsoft 365 External Users and Their Activities
    • Check Access for Specific Microsoft 365 User
    • Copy User Permissions
    • Delete and Restore Users
    • View Permission Changes in Microsoft 365
    • Supervise Microsoft Teams Private Channels
    • Manage Private Channels Access
    • Complete Power Platform Actions
  • Integrations
    • Overview
    • Syskit Point API
    • Webhooks
    • Examples
      • Webhooks
      • ServiceNow
      • Jira
  • FAQ
    • Security
    • Security Self Assessment Questionnaire
    • Storage Management
    • Free Trial
    • Licensing
    • Activation
    • Purchasing and Discounts
    • Customer Terms
    • Privacy and Compliance
    • Partner Program
    • Site Storage Limits
    • Orphaned Users
    • Inactive Users Detection
    • Provisioning - Content & Structure
  • Troubleshooting
    • Export Diagnostic Logs
    • Setup Diagnostic Logs Export
    • Analytics and Usage Report Issues
  • Explore Syskit Point for Site Owners/Collaborators
    • Syskit Point for Collaborators
    • Resolve Governance Tasks
      • My Tasks
      • Complete Access Review Tasks
      • Complete Metadata Review Tasks
      • Complete Privacy Review Tasks
      • Complete Sensitivity Review Tasks
      • Resolve Inactive Workspaces Tasks
      • Resolve Lifecycle Management Tasks
      • Resolve Inactive Guest Users Tasks
      • Resolve Minimum Number of Owners Tasks
      • Resolve Maximum Number of Owners Tasks
      • Resolve Orphaned Workspaces Tasks
      • Resolve Tenant Storage Limit Task
    • Manage Access
      • Manage External Sharing
      • Manage Users
    • Manage Workspaces
      • Request New Workspace
      • Request Workspace Access
      • Manage Workspaces
      • Manage Custom Metadata
    • Reporting
      • Syskit Icons Glossary
      • Inventory Reports
      • Schedule Reports
      • Alerts
      • Cleanup & Health Reports
      • External Sharing Reports
      • Access Reports
Powered by GitBook
On this page
  • Create Access Review Policy
  • Apply Policies
  • Next Steps

Was this helpful?

  1. Governance & Automation
  2. Access Review

Create and Apply Access Review Policies

This article explains how to create Access Review policies and apply them to your Microsoft Teams, Microsoft 365 Groups, sites, and OneDrive in Syskit Point.

PreviousEnable Automated Access ReviewNextModify Access Review Options

Last updated 1 year ago

Was this helpful?

Access Review in Syskit Point is enabled through Access Review policies applied to Microsoft Teams, Microsoft 365 Groups, sites, and OneDrive in Syskit Point.

Access Review policies in Syskit Point enable you to define the following settings of an Access Review:

  • The scope of the Access Review - you can choose to review content or membership, or both, decide if you're only interested in shared content and guest users, or maybe want only to see the content down to the folder level

  • Who should perform the review - depending on the workspace type, you can select between various groups of users with privileged access, such as team owners, site admins, primary administrators, etc.

  • The Access Review recurrence frequency - not all workspaces in a Microsoft 365 environment are equally important; therefore, you can choose to repeat the Access Review process once for the most important workspaces or up to once a year for the workspaces that are not frequently changed or used or don't contain sensitive data

Once created, policies need to be applied to Microsoft Teams, Microsoft 365 Groups, sites, and OneDrive in order to start the automated Access Review process in Syskit Point.

In the sections below, you can find detailed instructions on creating and applying the Access Review policies in Syskit Point.

Create Access Review Policy

To start creating Access Review policies, navigate to Settings > Governance > Policies.

By default, Syskit Point offers a predefined Access Review policy - All users and shared files (1).

Here, you can choose to:

  • Edit an existing policy (2) or

  • Delete an existing policy (3)

  • Create a new policy (4) Apply automatically with rules (5) Manually apply policies (5)

Please note! The predefined Access Review policy is not applied to any workspaces and will not trigger an automated Access Review.

Create a new Access Review policy by clicking the Create New Policy button (4).

The following dialog opens, providing the ability to choose the policy type.

Click Access Review (1) to continue.

The Create New Policy dialog opens where the following Access Review options can be defined:

  • Policy Name (1)

  • Access Review Recurrence Frequency (2) - increments of 1 month are available, up to 12 months

  • Memberships (3) - when enabled, you can choose to review:

    • All Memberships - Access Review shows all users from your organization as well as guest users

    • Guest User Membership - Access Review shows Guest users only

  • Content (4) - when enabled, you can choose to review:

    • All Content - Access Review shows all content shared with internal and external users

    • Externally Shared Content - Access Review shows only the content shared with external users

    • Content Level (5) - choose content level to review:

      • Subsites

      • Document libraries

      • Folders

      • Files & folders

  • Description (6) - shows summary info depending on selected options regarding memberships (3) and content (4)

  • Advanced Settings (7) - define who will perform the access review

  • Save (8) - click to Save the Access Review Policy when finished with the configuration

Advanced Settings option (7) enables you to define which groups of users are responsible for the Access Review.

Here, the following groups can be defined and set up based on the workspace type:

  • SharePoint Site (1)

    • Primary Admin/Owner

    • Site Admins Group

    • Site Owners SharePoint Group

  • Microsoft 365 Groups/Microsoft Teams (2)

    • Team/Group Owners

    • Site Admins Group

  • OneDrive (3)

    • Primary Admin/Owner

    • Site Admins Group

Select the checkbox to Include private Microsoft Teams channels(4); the following can then be defined:

  • Microsoft Teams Private Channels (5)

    • Team/Group Owners

    • Channel Owners

Clicking the groups of users for each workspace shows a checkbox next to each group.

  • The groups of users can be selected or deselected depending on what the Access Report policy being set up should include.

When finished, click Confirm (6) to store the preferences.

  • Users with Full Control access given via the default Site Owners SharePoint group and the Site Admins group on a SharePoint site will get an Access Review task.

  • Users who have Full Control access given in any other way - be it directly given Full Control access or via membership in any other non-default SharePoint group with Full Control access - will not get an Access Review task

  • For Microsoft Teams, Microsoft 365 Groups, and OneDrive, there is no option to include the Site Owners group members; only the Site Admins group can be included in the Access Review, meaning that Site Admins group members will receive Access Review tasks.

Apply Policies

To apply created Access Review Policies, navigate to Settings > Governance > Policies and click the Manually Apply Policies button (1).

The Manually Apply Policy report opens, enabling you to apply created policies to your Microsoft Teams, Microsoft 365 Groups, OneDrive, and sites.

To do so:

  • Select (1) one or multiple workspaces; you can also easily filter through workspaces with the help of top tiles (2)

  • Click the Manage Policies action (3)

    • When multiple workspaces are selected, clicking the arrowhead next to Manage Policies provides a selection of the following actions to choose from:

      • Apply Policy

      • Remove Policy

      • Remove All Policies

The Apply Access Review Policy dialog opens where you can:

  • Choose which policy you want to add or change (1)

  • Confirm your selection by clicking the Save button (2)

The warning serves as a reminder that if you have rules set up, manually changing or adding policies will replace the ones applied by the rules you have set up. Manually applied policies will take precedence over those applied with rules. An example of the warning can be seen below.

Please note!

Only one Access Review policy can be active at a time on a workspace. When a new Access Review policy is created and applied to workspaces, it will be triggered depending on the date set in the Settings of the Access Review Options.

  • If the date in the Settings > Access Review Options has not changed, it will be triggered on the set date in the future and then occur depending on the period set for the individual policy.

    • Let's say your Access Review is set to occur every 2 months, and the date in the Settings was set sometime in the past; the policy will be triggered in approximately 2 months on the date stated in Settings. For this example, if the date in the Settings is the 24th of February 2024, the policy would be triggered on the 24th of April 2024.

  • If the date in the Settings > Access Review Options is set in the future, it will be triggered on the set date in the future and then occur depending on the recurrence set for the individual policy.

    • Let's say your Access Review is set to occur every 2 months; it will be triggered on the date specified in Settings and then every 2 months on that date. For this example, if the date in the Settings is the 24th of August 2024, the policy would be triggered on the 24th of August 2024, and then again on the 24th of October, and so on.

  • If the date in the Settings > Access Review Options is set in the past, the policy will be triggered based on the recurrence set for the policy.

    • Let's say your Access Review is set to occur every 2 months; it will be triggered approximately 2 months after the policy was created and applied to the workspace(s). For this example, if the date in the Settings is the 24th of February 2024, the policy would be triggered on the 24th of April 2024.

Next Steps

Once you're done assigning policies to Microsoft Teams, Microsoft 365 Groups, OneDrive, and sites, you can:

Please note! If you added , depending on advanced settings, they will receive an Access Review task. Keep the following in mind:

You will receive a warning when trying to change or apply policies that state you will override selected policies. automatically apply policies to your workspaces.

by removing specific users from reviewers

applied to all Access Review Policies

Rules
Define who will perform the Access Review in greater detail
Configure general Access Review options
Customize Access Review e-mail
users with Full Control access to the Collaborator role
Policies Screen
Policy Type Selection
Create New Policy Dialog
Advanced Settings
Manage Policies Button
Manage Policies
Apply Policy Dialog - Policy
Apply Policy Dialog - Warning