Essentials of Access reviews
RCCE students will learn user access review processes including periodic access certification campaigns, manager attestation workflows, entitlement review automation, and segregation of duties enforcement. RCCE students will learn to design access review programs, select appropriate review frequencies based on risk, configure identity governance platforms for automated access certification, investigate inappropriate access findings, calculate rubber-stamping rates, enforce access removal for failed reviews, report access review metrics to compliance stakeholders, and integrate access reviews with joiner-mover-leaver lifecycle processes. This essentials course covers the core knowledge needed to operate competently in this domain. Starting from foundational concepts, RCCE students will learn the fundamental concepts, terminology, risks, and defenses that form the foundation for all further study and professional practice. Students build a solid knowledge base that prepares them for more advanced courses and real-world security responsibilities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Essentials of Access reviews
- Execute hands-on tasks for essentials of access reviews
- Execute hands-on tasks for advanced cyber defense mastery
- Explain Executive Overview fundamentals
- Execute hands-on tasks for why access reviews matter — covering who has access to what resources.
- Execute hands-on tasks for strategic importance
- Execute hands-on tasks for regulatory compliance — covering Risk Reduction, Operational Excellence.
- Execute hands-on tasks for core definitions & terminology
- Execute hands-on tasks for access review
- Execute hands-on tasks for certification campaign
- Execute hands-on tasks for access review lifecycle
- Execute hands-on tasks for periodic access certification campaigns
- Execute hands-on tasks for campaign best practices — covering 📋.
| Module 01 | Essentials of Access Reviews |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Executive Overview |
| Module 04 | Why Access Reviews Matter |
| Module 05 | Strategic Importance |
| Module 06 | Regulatory Compliance |
| Module 07 | Core Definitions & Terminology |
| Module 08 | Access Review |
| Module 09 | Certification Campaign |
| Module 10 | Access Review Lifecycle |
| Module 11 | Periodic Access Certification Campaigns |
| Module 12 | Campaign Best Practices |
| Module 13 | Manager Attestation Workflows |
| Module 14 | Emergency bypass: CISO approval required |
All hands-on labs run on Rocheston Rose X OS. Students practice essentials of access reviews by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for essentials of access reviews
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Explain Executive Overview fundamentals
- Lab 4: Execute hands-on tasks for why access reviews matter
- Lab 5: Execute hands-on tasks for strategic importance
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Essentials of Access reviews, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI