Release Notes

Predefined Question Sets

Configure required questions and answers for access review decisions to enrich the decision context and meet compliance requirements.

Predefined Questions enable organizations to require reviewers to answer specific questions when making review decisions. Enabling this feature can help meet compliance requirements and provide a structured context for each reviewer's decision.

For example, when approving access, reviewers might be asked, "What is the business justification for this access?" with predefined options like "Required for current project," "Ongoing operational need," or "Temporary access for incident." For rejections, questions might include "Why is this access no longer needed?" or "Should this access be immediately revoked?"

Administrators can customize question sets in Access Reviews > Settings > Question Sets.

Overview

Questions are configured in Question Sets. Each review configuration can optionally be associated with different Question Sets - one for Approve and another for Reject responses. When configured, reviewers must answer all questions in the specified Question Set before submitting their decision (approve or reject). During bulk decisioning, one set of answers applies to all selected rows.

After creating a review that uses predefined Question Sets, a permanent record of those questions is stored with that review. In other words, if you edit a question set associated with a specific configuration, it will only affect future reviews.

Question responses are automatically included in webhook payloads for downstream processing and compliance reporting.

Question Sets

Question Sets are reusable collections of questions that can be attached to review configurations. Each question set contains:

  • Name: A unique descriptive name for the Question Set

  • Description: Optional details about the Question Set's purpose (this field is not currently configurable in the UI, and is an optional property in the API)

  • Questions: An ordered list of questions to be answered

Question Types

Questions can be configured in two ways based on how you want reviewers to respond:

  1. Multiple Choice: Present predefined answer options. Answers appear in the configured order, and can include an "Other" option for free-form text response

  2. Free Form: Allow reviewers to enter any text response

Decision-Specific Questions

Within the review configuration, you can configure different Question Sets for:

  • Accept decisions: Questions asked when approving access

  • Reject decisions: Questions asked when denying access

Configuring Predefined Questions

Step 1: Create Question Sets

Question Sets are managed separately from review configurations, making them reusable across reviews.

  1. Navigate to Access Reviews > Settings > Question Sets (requires Admin or Access Review Admin role)

  2. Click Create Question Set

  3. Provide a descriptive name (e.g., "Security Access Questions") and optional description

  4. Add questions to the set:

    • Set clear, concise question text

    • Choose the answer type (Multiple Choice or Free Form)

    • For multiple choice, define answer options in logical order, including an "Other" option if flexibility is needed

  5. Click Save to create the question set

Note: Question Sets that are in use (applied to a review) can be modified, but any active running reviews will continue to use the earlier version of the Question Set from when the review was created. Deleting a Question Set will not impact existing reviews created using those questions.

Step 2: Configure Question Sets in a Review

You can assign predefined Question Sets when creating or editing a review configuration:

  1. In the configuration builder, navigate to the Predefined Questions step

  2. For On Accept, select a Question Set from the dropdown (optional)

  3. For On Reject, select a Question Set from the dropdown (optional)

  4. Save the configuration

Reviewer Experience

Based on the review configuration, users assigned to an access review are prompted to respond to the assigned questions when approving or rejecting individual rows, including when making decisions in bulk:

Making Individual Decisions

When a reviewer decides on a row:

  1. Upon clicking Approve or Reject, a dialog appears with the configured questions

  2. Questions are displayed in their configured order

  3. The reviewer must answer all questions

  4. After completing the questions, the decision is submitted

Bulk Decision Updates

When decisioning multiple rows at once:

  1. One set of questions appears for all selected rows

  2. The same answers are applied to all rows in the bulk update

Multi-Level Reviews

Some special behaviors apply during multi-level approval workflows. First-level reviewers are required to provide answers, while subsequent reviewers can make edits to previous answers:

  1. First Level: Reviewers answer questions when making decisions

  2. Propagation: When decisions move to the next level, question responses are automatically copied

  3. Editing: Next-level reviewers can modify the responses before signing off

  4. Unanimous Rejection: In unanimous rejection mode, responses are propagated but rows remain unsigned until all levels reject

Limitations

  • Questions cannot be conditionally required based on other answers (in initial release)

  • Question Sets cannot be modified while actively used in running reviews

Related Documentation

PreviousReviewer Selection MethodsNextReviewer Digest Notifications

Last updated

Was this helpful?