Run access revocation and retention/deletion checklist
Decides which actions to take, in what order, toward a goal.
You might say…
“The engagement is closed. I need to make sure we're not sitting on open access or holding data we shouldn't.”
What it does
Runs the access revocation and retention/deletion checklist — confirming each system, credential, and shared resource is either archived, handed to the client, or deleted per retention policy.
Trigger: Use as the final operational step at engagement close, after the archive manifest is complete.
I/O: Access inventory, archive manifest, retention policy → Completed revocation log with confirmed actions per item
Autonomy: Acts with approval — does the work, checks in on the exceptions.
Recognise the problem?
The primitives are the commodity part. The fastest next step is a conversation about composing them into something that works for you.
Start a conversation