Summary: "What does this user have access to?" is the question every CISO faces during an incident investigation, a pre-termination review, or a board-level transparency request — and with access spread across thirty admin consoles, the answer historically takes half a day to assemble. Oleria, an AI-native identity security & governance platform, makes this a seconds-level query with user access review campaigns that surface a complete cross-app access picture, with per-line evidence and a direct path to revoke, in one place.
"What does Sarah have access to?" is the question every CISO has been asked at least once — typically right after the answer matters. With access spread across thirty admin consoles and three IGA tools, assembling Sarah's full access surface is a half-day project. By the time it's done, the question has moved on.
User-centric reviews exist in some IGA tools as a side feature. Few make them first-class. Without a campaign type built around the identity, user-level audits remain manual; user-level access transparency stays out of reach.
Oleria's AI assembles the full cross-app access surface for any identity in seconds. Every line scored against the same three signals. Reviewer sees the whole picture, certifies or revokes line by line.
"What does X have access to?" answer time Half-day → seconds
Pre-termination access reviews Routine
Exec-level access transparency One-click
Audit findings on user-level review depth Eliminated
Pre-termination reviews, incident investigations, exec-level access transparency — they all start with the same question: what does this person actually have? Oleria answers it in seconds, not half a day. See how User campaigns work.
The user is never the reviewer of their own campaign — User campaigns are reviewed by manager, IAM admin, or security lead, depending on configuration.
Exec-level User campaigns are how board-level identity transparency happens. CFO's full access, every quarter. CISO's full access, every quarter. The campaign produces the certification evidence the board wants without the half-day assembly. Some organizations run these on a tighter cadence than standard reviews.
Yes — user campaigns are commonly fired by SOC during incident response. The full access surface, with dormancy and peer signal, surfaces in seconds. Investigator sees what's normal vs. what's anomalous, scopes the blast radius, and revokes selectively. The campaign becomes the artifact of the investigation.
Use the User filter to create a campaign specific to a user when the question is about one identity: pre-termination, post-promotion, executive review, IR investigation. Use Application campaigns for app-level certification for the specific user. Use Group campaigns for membership review.
