Role Authorization Audit Checklist
Use this checklist to review whether a person’s role-based access is appropriate, approved, and documented.
Audit Scope and Subject
Audited Person’s Name
*
First Name
Last Name
Job Title / Role
*
Department / Team
*
Manager or Approver Name
First Name
Last Name
System / Application Being Reviewed
*
Audit Date
*
-
Month
-
Day
Year
Date
Authorization Review Checklist
Does access match job responsibilities?
*
Yes
No
Partially
Was access approved by the correct authority?
*
Yes
No
Unknown
Do current permissions follow least-privilege principles?
*
Yes
No
Needs review
Does any elevated or administrative access exist?
*
No
Yes
Date of last access review
*
-
Month
-
Day
Year
Date
Notes on mismatches or exceptions
Role-to-Access Evaluation
Role / Permission Evaluation
*
Rows
Currently Granted Access
Required for Role
Approved By
Reviewer Comments
Permission Name
1
2
Overall Appropriateness of Access
*
Poor
1
2
3
4
5
6
7
8
9
Excellent
10
1 is Poor, 10 is Excellent
Audit Outcome
*
Compliant
Needs Remediation
Escalate
Additional Notes
Remediation and Follow-Up
Corrective Action Needed
*
Remove access
Adjust role
Request approval
No action needed
Target Completion Date
*
-
Month
-
Day
Year
Date
Follow-Up Owner
*
Final Reviewer Comments
Submit Audit
Should be Empty: