Browse · Help archive
Getting Started
Account & Security
Billing & Plans
Organization & Roles
QA-QC
Project Matrix
File Management
Project Members
Access Requests
Project Setup
Attribute Extract
Attribute Import
Scheduled Jobs
Power BI Analytics
Foreman Assistant
Permissions Graph

Draft · This article is being updated. Content may change.

  1. Archive
  2. /
  3. Project Members
  4. /
  5. Cross-Project Member Audit

Cross-Project Member Audit

Learn how to run a cross-project member audit in Foreman to review user access, identify over-provisioned accounts, and support security and compliance checks across all projects.

The cross-project member audit in Foreman gives you a consolidated view of member access across all projects in your ACC account. This is essential for security reviews, compliance checks, and ensuring that team members only have access to the projects they need.

Running an audit

  1. Navigate to the Member Audit section in Foreman.
  2. Select the hub you want to audit.
  3. Foreman scans all projects in the hub and builds a consolidated access report.

The audit results show each member alongside every project they have access to, their roles on each project, and whether they have admin privileges.

Identifying over-provisioned users

One of the primary use cases for the member audit is finding users who have more access than they need. Common signs of over-provisioning include:

  • Admin access on many projects -- A user with Project Admin on every project may only need it on the ones they actively manage.
  • Stale access -- Members who were added to a project temporarily but never removed after their work was complete.
  • Role creep -- Users who have accumulated multiple roles over time as they moved between responsibilities.

Regularly auditing member access is a best practice for security and compliance. Consider running an audit at least quarterly, or whenever team members change roles or leave the organisation.

Compliance use cases

The member audit supports several compliance scenarios:

  • Access reviews -- Satisfy internal or external audit requirements by documenting who has access to each project and why.
  • Least privilege enforcement -- Verify that members only have the minimum roles required for their responsibilities.
  • Offboarding verification -- Confirm that departed team members have been fully removed from all projects.
  • Contractor access tracking -- Monitor temporary access granted to external contractors and ensure it is revoked when their engagement ends.

Taking action on audit findings

From the audit results, you can navigate directly to any project's member management page to make changes. Foreman provides direct links to:

  • Remove a member from a specific project
  • Adjust their roles
  • Toggle admin access

You can export the full audit report as a CSV file for record-keeping or to share with your compliance team.

See also

← Previous Using the Role Finder Next → Access Requests Overview
You're offline — some actions may not work.

Connection lost

Attempting to reconnect to Foreman...

Connection lost

Retrying in --s Attempt - of -

Connection interrupted

Retrying in --s Attempt - of -