Audit Campaign User Guide
Last updated: March 9, 2026
Overview
A YeshID Audit Campaign helps organizations review and certify user access across applications to ensure only appropriate access is maintained. It provides a structured workflow - from capturing an access snapshot through certification, remediation, and verification - while generating auditable evidence and reports to support compliance and security requirements.
Roles
Owner
An owner ensures the audit is completed end-to-end. They have visibility into all aspects of the audit and can take action themselves. They manage campaign setup, participants, reminders, and closure.
Certifier
A certifier evaluates access findings and decides whether access should be kept or removed within assigned applications (scopes).
Reviews findings during the Certification phase.
Sets a decision for each finding:
Approve (keep access)
Deny (remove access)
Undecided (decision not finalized)
Provides a reason when selecting Deny.
If self-certification is disabled, certifiers cannot certify their own access.
Remediator
A remediator is responsible for executing remediation workflows for denied findings. They are also able to verify that the work was actually completed.
Phases
Audit campaigns move through the following phases:
Snapshot
Certification
Remediation and Verification
Close
Campaign status labels reflect this lifecycle:
Waiting for Snapshot
In Review
Closed
1) Snapshot
Purpose: establish a reliable audit baseline.
Sync or upload the latest access data for each in-scope application.
Capture the campaign snapshot when data is ready.
The snapshot becomes the baseline used for downstream decisions and evidence.
After certification decisions begin, snapshot recapture is blocked.
2) Certification
Purpose: make explicit access decisions for every finding.
Review each finding and select Approve, Deny, or Undecided.
Deny requires a written reason.
Bulk decisions can be applied to multiple findings.
The campaign cannot be closed while any findings remain Undecided.
3) Remediation and Verification
Purpose: execute denied-access changes and confirm results.
Launch remediation workflows for scopes with denied findings.
After workflow execution finishes, run verification.
Scopes that do not have the user import integration enabled require manual evidence upload/import before verification can pass.
After verification passes for a scope, decision updates for that scope are locked.
4) Close
Purpose: finalize campaign results.
Closure is allowed only when all findings are decided.
If denied, findings exist, remediation verification must pass first.
Once closed, the campaign is read-only.
Actions and What They Do
Campaign Actions
Settings: update owners, certifiers, remediators, and self-certification settings.
Notify (Nudge): sends reminders to users with outstanding work.
Close Audit: finalizes the campaign and prevents further edits.
Snapshot Actions
Sync / Re-Sync: refreshes data from connected integrations.
Upload / Re-Upload: provides manual data when automated sync is unavailable.
Capture Snapshot / Re-capture Snapshot: records the campaign baseline dataset.
Certification Actions
Approve: confirms access should remain.
Deny: flags access for removal (reason required).
Undecided: leaves a finding open for later decision.
Bulk Approve / Deny / Undecided: applies one decision to selected findings.
Remediation and Verification Actions
Launch Workflow: starts remediation for denied findings in a scope.
View Workflow: opens the remediation run details.
Verify: validates expected access state against observed results.
Upload Verification Evidence: submits required evidence for manual verification paths.
Evidence and Reporting Actions
Evidence Vault > Download: downloads stored audit artifacts.
Copy SHA256: copies artifact hash values for integrity checks.
Export > Download PDF Report: generates campaign reports (Full or Executive).
Audit Trail: shows the immutable record of campaign activity.