Agent

Access review auto-remediation

SecureSlate’s User Access module is the built-in system that drives access review compliance. Accounts synced from integrations appear on User Access → Account, where SecureSlate surfaces gaps (unassigned owners, MFA off, inactive accounts) and launches auto-remediation workflows. Those workflows prepare your inventory for Access Reviews, remediate review outcomes, and attach evidence to linked compliance tests such as Verification of Completed Access Review.

You stay in control: nothing is saved or executed until you Approve.

Launch from User Access (built-in system)

Start here when your Account tab shows issue badges or before your first access review cycle.

  1. Go to User Access → Account.
  2. Review the summary bar (for example, “33 accounts across 18 platforms”) and issue badges:
    • Unassigned — accounts without an owner
    • MFA off — accounts with two-factor authentication disabled
    • Inactive — deactivated or stale accounts
  3. Click an issue badge to filter affected accounts, or click Auto Fix on the “SecureSlate AI can fix this” banner.

The auto-remediation dialog opens and walks through each issue type in order:

| Issue | What the agent does |
|---|---|
| Unassigned | Matches accounts to employees in your directory and proposes owner assignments |
| MFA off | Enforces MFA policy or notifies owners (delegates to MFA enforcement where needed) |
| Inactive | Flags accounts for deprovisioning or links to offboarding remediation |

  1. Review the full remediation plan across vendors and accounts.
  2. Click Approve to apply changes, or Reject to close without saving.

When account inventory is clean, the agent can start or resume an access review:

  • Suggest in-scope systems based on integration risk scores
  • Pre-fill review name, reviewer, and due date
  • Open the review on User Access → Access Reviews so the reviewer can evaluate each account

This built-in flow is the recommended starting point. Compliance tests and Access Changes remediation connect to the same agent—see the sections below.

What the agent does

Across User Access, access reviews, and linked tests, the SecureSlate agent can:

  1. Remediate account inventory — Assign owners, enforce MFA, and handle inactive accounts from User Access → Account.
  2. Check review coverage — Compare your test interval and framework scope against completed access reviews in User Access → Access Reviews.
  3. Identify gaps — Flag overdue reviews, in-scope systems without a recent decision, or accounts missing an owner.
  4. Prepare test evidence — When a qualifying review is complete, assemble an evidence package (review summary, decisions, dates, and in-scope systems) for the test Evidence tab.
  5. Remediate Access Changes — For accounts marked Denied or Change role, plan deprovisioning or role updates via connected integrations (where supported).
  6. Collect remediation proof — Capture timestamps, actions taken, and system responses for the Access Changes tab and audit trail.
  7. Present results for your review before anything is attached to the test or applied in connected systems.

Linked tests and controls

Access review tests are typically mapped to controls across ISO 27001:2022 and SOC 2, including:

  • Access control (A.5.15)
  • Identity management (A.5.16)
  • Access rights (A.5.18)

Open the test drawer → Linked Controls to see which controls depend on this test. When the test passes, linked controls update automatically if all other mapped tests are also passing with current evidence.

Common test names:

| Test | What it checks |
|---|---|
| Verification of Completed Access Review | A completed periodic access review report covering relevant components (data stores, cloud infrastructure, version control, and other in-scope systems) |
| Access reviews conducted | That periodic user access reviews have been run for connected systems |

Run auto-remediation from a failing test

Use this path when a compliance test like Verification of Completed Access Review is Failing and you need evidence on the Evidence tab.

  1. Open Tests and select the failing access review test (for example, Verification of Completed Access Review).
  2. Open the Evidence tab.
  3. Assign a test owner if the field is empty.
  4. Confirm Test interval matches your policy (for example, Annually (Recommended) for ISO 27001).
  5. On the “SecureSlate AI can fix this” card, click Auto Fix.

The auto-remediation dialog opens. You will see each step progress in real time, then a Collected evidence screen when the agent is done.

If a completed review exists

When SecureSlate finds a completed access review that satisfies the test interval and scope, the agent prepares:

  • Review summary — name, reviewer, start/completion dates, and due date
  • Systems reviewed — vendors and integrations in scope
  • Decision counts — kept, denied, and role-changed accounts
  • Access Changes status — whether remediation is still pending for any account

Review this package, then Approve to attach it to the test Evidence tab. The test status updates the same way as when you upload evidence manually.

If no qualifying review exists

When no completed review matches the test requirements, the agent can:

  • Start a guided review setup — suggest in-scope systems based on your integrations and risk scores
  • Pre-fill a new access review — name, suggested reviewer, and due date aligned to your test interval
  • List blockers — systems without synced accounts, accounts missing owners, or reviews past due date

After you complete the review in User Access → Access Reviews, return to the test and run Auto Fix again to attach the completion evidence.
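
The qualifying-review decision described above can be checked independently before you run Auto Fix. The following is an added example, not SecureSlate code or its export format: the record fields, system names and the `find_qualifying_review` helper are assumptions, and the sample data is constructed.

```python
from datetime import date, timedelta

# Constructed sample data; field names are assumptions, not a SecureSlate export.
IN_SCOPE = {"aws", "github", "postgres-prod"}
REVIEWS = [
    {"name": "FY24 annual", "status": "completed",
     "completed_on": date(2024, 3, 1), "systems": {"aws", "github", "postgres-prod"}},
    {"name": "FY25 annual", "status": "completed",
     "completed_on": date(2025, 3, 10), "systems": {"aws", "github"}},
    {"name": "FY25 follow-up", "status": "in_progress",
     "completed_on": None, "systems": {"postgres-prod"}},
]

def find_qualifying_review(reviews, in_scope, interval_days, today):
    """Return (review, blockers): the newest completed review that falls inside
    the test interval and covers every in-scope system, or None with reasons."""
    window_start = today - timedelta(days=interval_days)
    blockers = []
    completed = [r for r in reviews if r["status"] == "completed"]
    for r in sorted(completed, key=lambda r: r["completed_on"], reverse=True):
        if r["completed_on"] < window_start:
            blockers.append(f"{r['name']}: completed {r['completed_on']}, outside the interval")
            continue
        missing = in_scope - r["systems"]
        if missing:
            # A review that skipped an in-scope system does not satisfy the test.
            blockers.append(f"{r['name']}: missing in-scope systems {sorted(missing)}")
            continue
        return r, blockers
    if not completed:
        blockers.append("no completed review on record")
    return None, blockers
```

With an annual interval and the constructed data, the newest review is rejected for omitting `postgres-prod` and the older full-scope review is rejected for age, so the result is a blocker list rather than evidence.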

Remediate Access Changes automatically

After a review is completed, accounts marked Denied or Change role appear on the review’s Access Changes tab. The access review agent can remediate these outcomes instead of requiring manual notes or file uploads for every row.

  1. Open the completed review from User Access → Access Reviews.
  2. Open the Access Changes tab.
  3. On the “SecureSlate AI can fix this” banner, click Auto Fix.

The agent will:

  1. Match accounts to identities in connected systems (email, username, external IDs).
  2. Plan actions — revoke access for Denied accounts; apply role or group changes for Change role decisions.
  3. Flag exceptions — shared accounts, service accounts, or systems without write access (manual ticket instead).
  4. Show the remediation plan for your review.

Then choose:

  • Approve — The agent executes the plan, updates Remediation status for each account, and logs evidence (action, timestamp, system).
  • Reject — Close without making changes; remediate manually as described in Access Reviews.
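
The match, plan, flag-exceptions and approve sequence above, sketched as an added example for reasoning about what a plan should contain before you approve it. This is not SecureSlate's implementation: the field names, action labels and helper functions are assumptions, the sample data is constructed, and routing unmatched accounts to a ticket is an assumption beyond the exceptions the page lists.

```python
# Constructed sample data; field names and action labels are assumptions.
DIRECTORY = [
    {"email": "ana@example.com", "username": "ana", "external_id": "E-100"},
    {"email": "raj@example.com", "username": "raj", "external_id": "E-101"},
]
WRITABLE_SYSTEMS = {"github", "okta"}  # integrations that allow write actions
DECISIONS = [
    {"system": "github", "account": "ana", "type": "user", "decision": "Denied"},
    {"system": "okta", "account": "raj@example.com", "type": "user",
     "decision": "Change role", "new_role": "read-only"},
    {"system": "github", "account": "ci-bot", "type": "service", "decision": "Denied"},
    {"system": "legacy-crm", "account": "E-101", "type": "user", "decision": "Denied"},
    {"system": "okta", "account": "ana@example.com", "type": "user", "decision": "Kept"},
]

def match_identity(account, directory):
    """Match on email, username or external ID; None unless exactly one hit."""
    key = account.lower()
    hits = [p for p in directory if key in {v.lower() for v in p.values()}]
    return hits[0] if len(hits) == 1 else None

def build_plan(decisions, directory, writable):
    plan = []
    for d in decisions:
        if d["decision"] not in ("Denied", "Change role"):
            continue  # kept accounts need no remediation
        if d["type"] in ("service", "shared"):
            action, detail = "ticket", "shared/service account"
        elif d["system"] not in writable:
            action, detail = "ticket", "no write access"
        elif match_identity(d["account"], directory) is None:
            action, detail = "ticket", "no unique identity match"  # assumption
        elif d["decision"] == "Denied":
            action, detail = "revoke", ""
        else:
            action, detail = "role_update", d["new_role"]
        plan.append({"system": d["system"], "account": d["account"],
                     "action": action, "detail": detail})
    return plan

def execute(plan, approved):
    """Approval gate: a rejected plan changes nothing and records nothing."""
    if not approved:
        return []
    return [dict(step, status="manual" if step["action"] == "ticket" else "done")
            for step in plan]
```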

For terminations detected outside a review cycle, see Offboarding auto-remediation (account deprovisioning).

Review and approve

Before evidence is saved or access is changed, review:

  • Completed review used for test evidence (dates, scope, and reviewer)
  • Accounts pending remediation in Access Changes
  • Actions planned per system (suspend, remove, role update, or ticket)
  • Exceptions requiring manual follow-up

Then choose:

  • Approve — Evidence is attached to the test and/or remediation is executed; Remediation status updates in Access Changes.
  • Reject — Close without saving or changing anything.

Important: Evidence and remediation are only applied after you click Approve.

After you approve

  • Test evidence appears on the test Evidence tab like any other upload. Linked controls move toward Passing when all mapped tests pass with current evidence.
  • Access Changes rows show updated Remediation status with agent-collected proof.
  • If the test is still Failing, confirm a test owner is assigned, the test interval matches your completed review cadence, and every in-scope system was included in the review.

Upload evidence manually (optional)

You can still pass access review tests without the agent:

  1. Open the failing test → Evidence tab.
  2. Upload a report or export from your latest access review (PDF, XLSX, DOCX, or other supported formats).
  3. Click Save Evidence and ensure the test has an owner assigned.

For Access Changes remediation without the agent, add a note or upload a file from the Remediation status column as described in Access Reviews.

Last updated: June 14, 2026
