1. To-Increase Dynamics 365 for Finance & Operations
  2. Security and compliance studio
  3. Audit security

Audit access to sensitive data

It is important to know which securable objects give access to sensitive data. For these types of securable objects, you can review the ones that give access to sensitive data:

  • Roles
  • Duties
  • Privileges
  • Users
You can use several charts to audit access to sensitive data:
  • Number of security objects with access to sensitive data
  • Number of users with access to sensitive data per organization
  • Number of roles per user with access to sensitive data
  • Reasons to give roles access to sensitive data
Each change in the access of securable objects to sensitive data is logged in the security history. You can view and analyze these events in the security history.


Security auditor Security auditor Start Start View securable objects with access to sensitive data View securable objects with access to sensitive data It is important to know which securable objects give access to sensitive data. For these securable object types, you can review which securable objects give access to sensitive data:RolesDutiesPrivilegesUsers Procedure 1. Click Security audit. 2. View the roles with access to sensitive data. Click the Roles – Sensitive data access tab. Note: If you select a role, you can view the related securable objects in the relevant tabs in the lower pane. 3. View the duties with access to sensitive data. Click the Duties – Sensitive data access tab. Note: If you select a duty, you can view the related securable objects in the relevant tabs in the lower pane. 4. View the privileges with access to sensitive data. Click the Privileges – Sensitive data access tab. Note: If you select a privilege, you can view the related securable objects in the relevant tabs in the lower pane. 5. View the users with access to sensitive data. Click the Users – Sensitive data access tab. Note: If you select a user, you can view the related roles in the lower pane. View access to sensitive data charts View access to sensitive data charts You can use several charts to audit access to sensitive data:Number of security objects with access to sensitive dataNumber of users with access to sensitive data per organizationNumber of roles per user with access to sensitive dataReasons to give roles access to sensitive data Procedure 1. Click Security audit. 2. Click the Charts tab. 3. Click the Number of security objects with access to sensitive data tab. 4. Click the Number of users with access to sensitive data per organization tab. 5. Click the Number of roles per user with access to sensitive data tab. 6. Click the Reasons to give roles access to sensitive data tab. Audit security history  on access to  sensitive data? Audit security history  on access to  sensitive data? Audit security history

Audit security history

In the Security and compliance studio, you can audit the security configuration in several ways. You can also generate a security history log report for audit or other compliance requirements.

 Analyze sensitive  data access  in Microsoft Excel? Analyze sensitive  data access  in Microsoft Excel? Export sensitive data access setup to Microsoft Excel Export sensitive data access setup to Microsoft Excel You can export sensitive data access setup to a Microsoft Excel file for further analysis.You can choose to export:All data of the sensitive data access setup.Only the sensitive data access setup that is related to a pinned security object in the security configuration.For example, for a pinned duty, you can export sensitive data setup for:The related roles.The users that are assigned to these roles.The related privileges.The entry points of these privileges. Procedure 1. Click Security audit. 2. Click Manage sensitive data access. 3. In the Duties pane, in the list, find and select the desired record. 4. Click Pin duty. 5. Click Advanced view. 6. Click Export to Excel. Note: As a result, the data is exported to a Microsoft Excel file. The file is downloaded to your downloads folder from where you can open it. If you pinned a securable object before you exported the data, it is shown in red in the Microsoft Excel file. 7. Close the page. End End Yes No Yes No

Activities

Name Responsible Description

View securable objects with access to sensitive data

Security auditor

 		It is important to know which securable objects give access to sensitive data. For these securable object types, you can review which securable objects give access to sensitive data:
  • Roles
  • Duties
  • Privileges
  • Users

View access to sensitive data charts

Security auditor

 		You can use several charts to audit access to sensitive data:
  • Number of security objects with access to sensitive data
  • Number of users with access to sensitive data per organization
  • Number of roles per user with access to sensitive data
  • Reasons to give roles access to sensitive data

Audit security history

Security auditor

 		In the Security and compliance studio, you can audit the security configuration in several ways. You can also generate a security history log report for audit or other compliance requirements.

Export sensitive data access setup to Microsoft Excel

Security auditor

 		You can export sensitive data access setup to a Microsoft Excel file for further analysis.
You can choose to export:
  • All data of the sensitive data access setup.
  • Only the sensitive data access setup that is related to a pinned security object in the security configuration.
For example, for a pinned duty, you can export sensitive data setup for:
  • The related roles.
  • The users that are assigned to these roles.
  • The related privileges.
  • The entry points of these privileges.

See also

Provide feedback