Dockria

Prove the Right People Have the Right Access

Run scheduled review campaigns where assigned reviewers certify, trim, or revoke each user's access, enforcing least privilege and giving auditors the evidence they expect, with anti-escalation built in.

Access Reviews & Certification, Dockria EDMS interface screenshot

Over time, access quietly accumulates. People change roles, projects end, and permissions that were once needed linger long after they should. That drift is exactly what auditors look for and attackers exploit. Dockria's Access Reviews give you a disciplined, repeatable way to keep permissions aligned with the principle of least privilege.

Reviews are organised into campaigns. Each campaign has a name and description, a scope covering all users or specific groups, a defined review period, and the reviewers responsible for it, typically the managers who actually know who needs what. This turns recertification from an ad-hoc scramble into a structured, scheduled process.

For each item, reviewers make a clear decision: Maintain the access exactly as it is, Modify it by keeping some assignments and revoking the rest, or revoke it entirely. An anti-escalation safeguard is built in. The system rejects any change that would grant new permissions, so a review can only ever confirm or reduce access, never quietly expand it.

Affected users are notified that their access was reviewed, and every decision is recorded in full. The result is a complete, audit-ready trail showing who reviewed whom, what was decided, and when, the evidence regulators and security teams expect, produced as a natural by-product of good governance.

Key Benefits

Scheduled Campaigns

Organise recertification into named campaigns with defined periods, turning access review into a structured, repeatable process.

Targeted Scope

Scope each campaign to all users or specific groups, and assign the reviewers who actually know who needs what.

Maintain, Modify, or Revoke

Reviewers make a clear decision on every item: keep access as is, trim it, or remove it entirely.

Anti-Escalation Safeguard

The system rejects any change that would grant new permissions, so reviews can only confirm or reduce access, never expand it.

User Notification

Affected users are informed that their access was reviewed, keeping the process transparent and accountable.

Audit-Ready Evidence

Every decision is recorded, producing a complete trail of who reviewed whom, what was decided, and when.

Industry Use Cases

Finance

Banks run quarterly access certifications across departments to satisfy examiners and enforce least privilege on sensitive records.

Government

Agencies periodically recertify access to official information, demonstrating disciplined governance to oversight bodies.

Legal

Firms review who can reach privileged matters, ensuring access ends when a lawyer leaves a case or the firm.

Healthcare

Hospitals recertify access to patient records on a schedule, supporting data-protection and least-privilege obligations.

Related Features

Granular Role-Based Access

Control viewing, editing, deleting, and sharing permissions at the document class or specific property level.

Security Monitoring & Alerts

Track failed logins, account lockouts, and suspicious activity in real time with configurable alert rules and incident response workflows.

Complete Audit Trail

Immutable logging of every user action: who viewed, downloaded, or edited a document, with exact timestamps.

Privacy Management

Dedicated modules for logging Data Breaches, tracking Consent, and managing Data Subject Access Requests (DSAR).

See How This Feature Applies to Your Industry

Finance Solutions Government Solutions Legal Solutions

Ready to see access reviews & certification in action?

Schedule a personalised demo and discover how Dockria can transform your document management operations.

Request a Demo