What is a one sentence summary of your feature request?
Enable UAR exports to include the actual approver name and approval timestamp (Performed By + Approval Date/Time) for each reviewed line item.
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
When exporting User Access Review (UAR) history for audit purposes, the reports do not capture the actual individual who performed the approval or the timestamp of the approval action. Instead, exports default to showing the “Owner,” which does not accurately reflect who completed the final sign-off — particularly in cases involving side reviews or segregation-of-duties mitigation.
For example, when a secondary reviewer performs a side review to prevent self-approval of administrator access, the Membership Report still lists the original reviewer as the “Owner,” even though another individual executed the approval. There is currently no exportable field that shows:
- The specific user who clicked “Approve” (actual approver)
- The exact date and time the approval occurred
This enhancement would allow exports to include true approval transaction history (Actual Approver Name + Timestamp) at the line-item level. This is critical for audit defensibility and control validation, as auditors require proof of who authorized access and when. Without this capability, customers must rely on manual screenshots, which reduces efficiency, scalability, and the overall value of the UAR module.
How do you currently solve the challenges you have by not having this feature?
Currently, customers rely on manual screenshots taken at the time of approval to document who performed the review and when it occurred. These screenshots are retained as audit evidence.
There is also the possibility of attempting to reconcile data in Excel by cross-referencing the UAR exports (e.g., Review Group List and Membership Reports) with Change Request exports to infer approval activity. However, this approach is manual, time-consuming, and not fully reliable, as it does not provide a definitive, line-item-level record of the actual approver and timestamp.
Neither workaround is scalable or audit-friendly. Both significantly reduce efficiency and weaken the overall control evidence compared to having a system-generated, exportable approval transaction history.