Access packages and catalogs should not reference deleted groups
Why This Matters
When an access package or catalog in Entra ID Governance references a deleted group, it can cause provisioning failures and policy enforcement gaps. This creates a security risk where users may not receive or lose access to critical resources, potentially leading to unauthorized access or operational disruption.
What Aether365 Checks
This security check verifies that all groups referenced by access packages and catalogs in Entra ID Governance are active and not deleted. It appears in your Aether365 dashboard under the entra-id category as check AE.1107.