Our organization recently went live with Emergency Access Management in Access Control 10.0 SP19. EAM is quite different from our previous process for fire call access, so we are revisiting our support processes and had hoped to leverage some leading practices, or at least, consider whatever has been successful at other organizations.
1. Once the workflow notification goes out that a Firefight ID has been used, is it a good practice for the GRC support team to do a review of the account/ the logs, too, or is that not really necessary?
2. Does an alert/ reminder go out if the log is not reviewed in a timely manner? Should we put an escalation into the workflow? Can we tell when a log has not yet been reviewed? The Consolidated Log Report did not seem to provide such information. How does the GRC support team monitor that?
3. Does somebody besides the GRC Support Team periodically review the Consolidated Log Report?