II.
Workflow JSON
Structured · live · workflow:access-review
Access Review json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "workflow:access-review",
"_kind": "Workflow",
"_file": "domain/workflows/workflows-security.yaml",
"_cluster": "domain",
"attributes": {
"displayName": "Access Review",
"description": "Quarterly scheduled workflow ensuring that user and service account permissions across\nall systems remain appropriate and consistent with the principle of least privilege.\nIT operations and security engineers generate access reports for critical systems,\ncloud environments, and sensitive data stores. Each team manager reviews the permissions\nof their direct reports, certifying or revoking access as appropriate. Orphaned accounts from\ndepartures or role changes are deprovisioned. Exceptions require documented justification\nand compensating controls. Audit evidence is retained for compliance reporting. The\nworkflow reduces insider threat risk and satisfies regulatory access-control requirements.\n",
"workflowKind": "security",
"triggerType": "scheduled",
"typicalCadence": "quarterly",
"complexity": "moderate"
},
"outgoingEdges": [
{
"from": "workflow:access-review",
"to": "role:security-engineer",
"kind": "involves_role"
},
{
"from": "workflow:access-review",
"to": "role:it-ops-engineer",
"kind": "involves_role"
},
{
"from": "workflow:access-review",
"to": "role:compliance-officer",
"kind": "involves_role"
},
{
"from": "workflow:access-review",
"to": "role:engineering-manager",
"kind": "involves_role"
},
{
"from": "workflow:access-review",
"to": "role:privacy-engineer",
"kind": "involves_role"
},
{
"from": "workflow:access-review",
"to": "domain:cybersecurity",
"kind": "applies_to_domain"
},
{
"from": "workflow:access-review",
"to": "domain:infrastructure",
"kind": "applies_to_domain"
},
{
"from": "workflow:access-review",
"to": "responsibility:access-control",
"kind": "triggers_responsibility"
},
{
"from": "workflow:access-review",
"to": "responsibility:compliance-monitoring",
"kind": "triggers_responsibility"
},
{
"from": "workflow:access-review",
"to": "responsibility:risk-assessment",
"kind": "triggers_responsibility"
}
],
"incomingEdges": [
{
"from": "stack-profile:auth-identity-platform",
"to": "workflow:access-review",
"kind": "follows_workflow"
},
{
"from": "stack-profile:identity-governance",
"to": "workflow:access-review",
"kind": "follows_workflow"
},
{
"from": "tool:nylas",
"to": "workflow:access-review",
"kind": "supports_work",
"attributes": {
"confidence": "low",
"evidence": "Calendar and directory context can support scheduling evidence reviews and access-review meetings."
}
},
{
"from": "tool:jumpcloud",
"to": "workflow:access-review",
"kind": "supports_work",
"attributes": {
"confidence": "high",
"evidence": "Directory memberships and device context are core access-review projection points."
}
},
{
"from": "lib-process:security-compliance--iam-access-control",
"to": "workflow:access-review",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-skill:security-compliance--gdpr-compliance-automator",
"to": "workflow:access-review",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 0.7
}
}
]
}