Identity Architecture Review.

Entra ID / Okta tenant structure, AD integration, SSO configuration, conditional access structure. Identifies duplicate identity sources, weak authentication requirements, inconsistent policies.

How SaaS apps connect to the identity provider — SSO usage, local authentication, provisioning, lifecycle. Identifies apps bypassing SSO, manual provisioning, uncontrolled SaaS onboarding.

Admin role allocation, global admin usage, JIT model, separation of duties. Identifies excessive privileged users, lack of just-in-time access, standing privileged access.

Joiner / mover / leaver. Identifies delayed deprovisioning, inconsistent role assignment, manual processes.

Enforcement consistency, conditional access policies, device trust requirements. Identifies inconsistent MFA enforcement and policy gaps.

Onboarding standards, approval processes, governance ownership. Identifies shadow IT and uncontrolled OAuth integrations.

Least privilege enforcement, authentication strength, access segmentation. Surfaces architectural gaps versus a Zero Trust target state.

Kickoff session. Information gathering. Identify SaaS apps and identity provider landscape.

Identity provider review. SaaS integration review.

Privileged access review. Lifecycle review.

Analysis. Report creation.

Presentation of findings. Walk-through with the security and architecture teams.

• Penetration testing
• Tool deployment
• Configuration hardening