Identify and map users in a critical system

Use Sprinto to identify and map accounts discovered in critical systems to the appropriate employee or contractor records. This helps maintain accurate access inventories, improves access reviews, and ensures user accounts are correctly classified for audit and compliance purposes.

Before you begin

• Ensure the critical system has been added to Sprinto.

• You must have permission to manage access records within the critical system.

• User accounts must be synced or imported into the selected critical system.

Identify and map a user

1. Log in to the Sprinto dashboard.

2. Navigate to Data Library > Access.

3. Select the Critical systems tab.

1. Open the critical system where you want to identify or map users.

2. Select the Users tab.

3. Locate the user account you want to classify.

4. Click the Edit icon next to the user record.

1. In the Identify & map user dialog, select one of the following options from the User is dropdown:

   • Existing staff in Sprinto – Map the account to an employee or contractor that already exists in Sprinto.

   • New staff in Sprinto – Map the account to an employee or contractor who has not yet been added to Sprinto.

   • Not a staff account – Mark the account as a shared, service, system, or non-human account.

   • Not identified – Mark the account as unidentified when ownership cannot be determined.

2. Enter the employee or contractor details.

3. Click Save.

The selected classification is applied to the user account and displayed in the Users table.

Classification options

What happens after mapping?

Once a user is classified:

• The account ownership information is updated in Sprinto.

• Access reviews use the mapped user information during review cycles.

• Non-staff accounts are clearly identified and separated from employee accounts.

• Unidentified accounts remain visible for further investigation and remediation.

• Audit evidence reflects the latest user classification information.