Access packages should not reference inactive or orphaned assignment policies
Why This Matters
Orphaned or inactive assignment policies in access packages can lead to unintended access grants and security blind spots in your Entra ID governance strategy. When a policy is disabled or misconfigured, it may either block legitimate access requests or fail to enforce approval workflows, creating compliance gaps. Auditors and security teams need visibility into policy states to ensure all access packages operate with valid, active policies.
What Aether365 Checks
Aether365 scans your tenant for access packages that reference assignment policies which are disabled, misconfigured, or orphaned. This check appears in the Aether365 dashboard under entra-id checks and flags policies requiring review or removal.