080: Discover existing privileged roles

Overview

Create an inventory that outlines who in the organization has privileged roles.

For existing privileged roles, analyze, update, and assign the least privileged role where possible. This effort should consist of several steps:

• Define a written organizational policy regarding least privilege roles
• Analyze role usage in the organization to understand what tasks are regularly performed and which roles best align to those tasks
• Create evidence to show which role assignments may need to be reduced based on analysis and investigation

Reference

• Microsoft Entra roles Discovery and insights (preview) in Privileged Identity Management former Security Wizard - Microsoft Entra ID Governance | Microsoft Learn
• List members of a directory role - Microsoft Graph v1.0 | Microsoft Learn