1. Readiness Demos Transcripts
  2. Advanced Access Requests & Preventive Controls with GenAI

Advanced Access Requests & Preventive Controls with GenAI

I am Pablo Duran, the procure-to-pay process lead and owner of procure-to-pay. I've received a Fusion notification from an IT admin to review an access request. I'll tap on this notification; it takes me to the access request reviews page.

I see that Richard Green has requested the Vision accounts payable manager role. I will now evaluate the request using GenAI-based insights. On tapping the role, I see that I can review the data permissions and also the control violations. The good news is that this access request has not generated any control violations.

I can also look at the security briefing powered by Gen AI. This role briefing explains what the role does and how it will impact business operations. The role briefing contains very useful information about the role, as well as some more contextual information.

At the top I can see a broad high level summary of what the role does. I see that it has various permissions it provides which is expected for an accounts payable manager to have.

But I also see that it has some sensitive journal privileges, like post and reverse journals, which should not be part of this role. I see that only two users have been granted this role. I can also look at the details of this role by functional category.

As I peruse through this I see that it has all of the different categories of privileges like suppliers, payables, reporting, and so on. Also it includes journal management. Specifically it says that this role can grant access to users to post reverse and hold journals, which I think is a red flag.

In addition, the role briefing also provides other very useful contextual information, like related data access permissions, the usage in the organizations, how many users are using it, access certification history, any inherent risks within the role, or any incident history, as well as a complete list of the privileges.

Given that this role has some unexpected journal privileges, I'm going to decline this request. I tap on Decline Risk and make a comment: "Role has sensitive post and reverse journal access. Please revisit the role design details to minimize risk." This feedback will be logged for further action to refine the role design.

This structured approach ensures that business owners can confidently make informed decisions using AI-driven insights, without needing technical expertise.