External users/guests validation by group owners
Include a periodical check if guests are still needed
There is a need to also check the guests periodically (every 30, 60, 90, or 180 Days).
There an owner should decide for every guest if access is still needed or access should be removed automatically.
This is something we thought it did. Checking external sharing is useful but bringing it up a level to just a simple 'dear owner do you know your Team/Group has guests' is what our Infogov colleagues want. To meet compliance we are required to ask every 3 months about access to systems from guest or sponsored users. Perhaps if it had a check box next to each guest so an owner could tick the ones they are ok with and the remainder would get emailed to IT for action to purge or v.v