Template
Cyber Essentials user access review template
A quarterly user access review template covering admins, end-users, leavers and MFA status for Cyber Essentials.
What this template helps with
- Confirming the right people have the right access
- Catching unrevoked leaver accounts
- Evidencing the review for your assessor
What is included
- Per-user review rows
- MFA status
- Decision column (keep / remove / change)
Who it is for
- SMEs running quarterly access reviews
- IT managers and security leads
Preview
Copy the structure below or build it properly in Evaud.
| User | Role | Admin? | MFA | Decision | Reviewer |
|---|---|---|---|---|---|
| alex@example.com | IT | Yes | App | Keep | Head of IT |
| sam@example.com | Sales | No | App | Keep | Head of IT |
| leaver@example.com | Marketing (left May) | No | — | Remove | Head of IT |
| contractor@example.com | Design (project) | No | SMS | Move to app MFA | Head of IT |
| root@example.com | Break-glass | Yes | Hardware key | Keep, rotate cred | Head of IT |
Build this properly in Evaud
Get the structure above, plus owners, review dates, file uploads and the read-only assessor view.
Frequently asked questions
Evaud helps organise Cyber Essentials evidence and readiness information. It is not a certification body and does not guarantee certification.
Start building your Cyber Essentials evidence today.
Free to try. No credit card required.