Configurable Inactive User Account Threshold for Risk Assessment Reports

What is a one sentence summary of your feature request?

Allow administrators to configure the inactivity threshold for user accounts in Risk Assessment reports, including setting it to 90 days instead of the default 35 days.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

The current inactive user account report uses a fixed default inactivity threshold of 35 days. Many organizations define inactive accounts based on longer periods, such as 90 days, according to their internal security policies and compliance requirements.

Providing a configurable inactivity threshold would allow organizations to align the report with their security standards and reduce false positives. This would improve the relevance and accuracy of Risk Assessment findings.

How do you currently solve the challenges you have by not having this feature?

Currently, there is no built-in way to adjust the threshold in the Risk Assessment report, resulting in additional manual review and filtering efforts.

Thanks for this feedback, Ali!
Configurable thresholds for inactivity are a common request, and we recognize that the 35-day by default does not fit every organization’s security policy. This request is closely related to the companion idea about computer accountsthresholds, and we are treating them together. Making the inactivity period configurable per-report or per-organization policy is a reasonable enhancement that would significantly reduce false positives in Risk Assessment. We are adding this to our backlog for the Risk Assessment module. While we evaluate the timeline, please note that some customers work around this by filtering the exported results or querying the Netwrix Auditor database to apply custom thresholds in post-processing. We appreciate you submitting a well-scoped request with a concrete target value (90 days) - that context helps us calibrate defaults.