From 353d0e8f6320c4026547088b2dd2fb68fb177a7a Mon Sep 17 00:00:00 2001 From: bozicovichsantiago20-oss <290439273+bozicovichsantiago20-oss@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:14:06 -0300 Subject: [PATCH] Add access review certifier independence gates --- skills/identity/access-review/SKILL.md | 50 +++++++++++++++++-- .../approved-timebounded-delegation.yaml | 32 ++++++++++++ .../vulnerable/delegation-out-of-scope.yaml | 28 +++++++++++ .../vulnerable/self-review-privileged.yaml | 21 ++++++++ 4 files changed, 128 insertions(+), 3 deletions(-) create mode 100644 skills/identity/access-review/tests/benign/approved-timebounded-delegation.yaml create mode 100644 skills/identity/access-review/tests/vulnerable/delegation-out-of-scope.yaml create mode 100644 skills/identity/access-review/tests/vulnerable/self-review-privileged.yaml diff --git a/skills/identity/access-review/SKILL.md b/skills/identity/access-review/SKILL.md index 09309278..9f5f84c2 100644 --- a/skills/identity/access-review/SKILL.md +++ b/skills/identity/access-review/SKILL.md @@ -12,7 +12,7 @@ phase: [operate] frameworks: [CIS-Controls-v8, NIST-SP-800-53-AC] difficulty: intermediate time_estimate: "45-90min" -version: "1.0.0" +version: "1.1.0" author: unitoneai license: MIT allowed-tools: Read, Grep, Glob 
@@ -147,8 +147,37 @@ AR-CERT-05: No escalation path for entitlements where the certifier is uncertain AR-CERT-06: Certification decisions not enforced — revoked entitlements not actually removed AR-CERT-07: No SLA for certification completion (recommended: 14 business days) AR-CERT-08: Delegated reviews without accountability (certifier delegates but is not tracked) +AR-CERT-09: Certifier approves their own access (self-review), especially for privileged or production entitlements +AR-CERT-10: Certifier can grant, revoke, or modify the same entitlement they are certifying +AR-CERT-11: Delegated reviewer makes decisions outside approved system, entitlement, privilege, or time scope +AR-CERT-12: Certification campaign marked complete without certifier eligibility evidence ``` +**Certifier eligibility and delegation evidence:** + +| Evidence Field | Purpose | +|---|---| +| `reviewer_of_record_user_id` | Accountable owner originally assigned to certify the access. | +| `actual_certifier_user_id` | Person who made the approve/revoke/modify decision. | +| `subject_user_id` / `subject_account_id` | Identity whose access is being reviewed. | +| `entitlement_id` and `system_id` | Access item and system under review. | +| `certifier_relationship` | Manager, resource owner, group owner, team owner, delegated reviewer, or exception approver. | +| `is_self_review` | Whether the actual certifier and subject are the same identity or same effective owner. | +| `certifier_admin_authority` | Whether the certifier can grant, revoke, modify, or approve the reviewed entitlement outside the campaign. | +| `delegation_approved_by` / `delegation_reason` | Authority and business reason for delegation. | +| `delegation_valid_from` / `delegation_valid_until` | Time bounds for the delegated certification authority. | +| `delegation_scope` | Approved systems, environments, entitlement classes, privilege levels, and population. 
| +| `decision_timestamp` | When the certification decision was made. | +| `independence_exception` / `exception_expiry` | Compensating control and expiry when independence is impossible. | + +**Eligibility decision logic:** + +1. If `actual_certifier_user_id` equals the reviewed subject, or the certifier is the owner of the reviewed shared/service account, flag self-review. Severity is **High** for privileged or production access and **Medium** for low-risk access. +2. If the certifier can grant, revoke, or modify the same access under review, flag a certifier SoD conflict unless a secondary approval, immutable audit trail, post-review reconciliation, and time-bounded admin activation are evidenced. +3. If the decision was delegated, compare the actual decision against the approved delegation scope: system, environment, entitlement class, privileged status, population, and validity window. +4. If reviewer identity, delegation chain, or certifier authority cannot be evidenced, mark the campaign completion as **Provisional** rather than clean. +5. Treat planned, approved, time-bounded delegation as acceptable when scope is narrow, the delegate is independent, and the reviewer of record remains accountable. + **Rubber-stamp detection criteria:** | Indicator | Threshold | Action | @@ -252,6 +281,7 @@ AR-SOD-04: SoD analysis not automated (manual review only) AR-SOD-05: Emergency/break-glass access bypasses SoD without post-hoc review AR-SOD-06: Role combinations that create SoD conflicts not flagged during provisioning AR-SOD-07: SoD conflicts in service accounts (single account spans multiple functions) +AR-SOD-08: Access certifier also has provisioning or administration authority over the entitlement under review ``` **Severity classification for SoD violations:** 
@@ -292,6 +322,8 @@ AR-ENF-08: No metrics or reporting on review completion rates and outcomes |---|---|---| | Review campaign configuration (scope, reviewers, deadline) | Duration of audit period + 1 year | AC-2(j) | | Individual certification decisions (approve/revoke per entitlement) | Duration of audit period + 1 year | AC-6(7) | +| Certifier eligibility evidence (reviewer of record, actual certifier, independence checks) | Duration of audit period + 1 year | AC-5, AC-6 | +| Delegation authorization (approver, scope, validity window, reason) | Duration of audit period + 1 year | AC-2(j), AC-5 | | Revocation execution confirmation (ticket, timestamp) | Duration of audit period + 1 year | AC-2, CIS 6.2 | | Exception approvals with justification and expiry | Duration of exception + 1 year | AC-6 | | Review completion metrics (on-time %, revocation %) | Duration of audit period + 1 year | AC-2 | 
@@ -303,8 +335,8 @@ AR-ENF-08: No metrics or reporting on review completion rates and outcomes | Severity | Definition | Examples | |---|---|---| | **Critical** | Immediate unauthorized access risk or active SoD violation in financial/production systems | Terminated employee with active admin access; SoD conflict on payment systems | -| **High** | Significant privilege excess or governance gap with exploitation potential | Orphaned service accounts with production access; no access review process exists | -| **Medium** | Governance deficiency increasing risk over time | Rubber-stamped certifications; role explosion; reviews not on cadence | +| **High** | Significant privilege excess or governance gap with exploitation potential | Orphaned service accounts with production access; no access review process exists; privileged self-review; conflicted certifier with grant/revoke authority | +| **Medium** | Governance deficiency increasing risk over time | Rubber-stamped certifications; role explosion; reviews not on cadence; out-of-scope delegation for non-privileged access; provisional campaign completion due to missing certifier evidence | | **Low** | Process improvement opportunity | Inconsistent role naming; documentation gaps; review SLA slightly exceeded | --- @@ -352,6 +384,15 @@ AR-ENF-08: No metrics or reporting on review completion rates and outcomes - Segregation of Duties (Step 5): [count] - Enforcement & Evidence (Step 6): [count] +### Certification Integrity Metrics +- Self-review decisions: [count] +- Privileged self-review decisions: [count] +- Delegated decisions: [count] +- Out-of-scope delegated decisions: [count] +- Conflicted certifier decisions: [count] +- Provisional decisions due to missing certifier evidence: [count] +- Time-bounded independence exceptions: [count] + ### Detailed Findings [Findings table] 
@@ -401,6 +442,8 @@ See the mapping table in the Framework Quick Reference section above for sub-con 5. **Role explosion masking risk** — When roles proliferate, reviewers cannot meaningfully assess what permissions a role grants. Pair reviews with role rationalization. 6. **SoD analysis done manually** — Manual SoD checks do not scale and miss cross-system conflicts. Implement conflict rules in IGA tooling. 7. **Evidence not retained** — Reviews happen but evidence is not preserved for the audit window. Configure IGA tools to retain decisions and timestamps. +8. **Treating every delegated review as bad** - Delegation can be legitimate when approved, scoped, time-bounded, and independent. Flag missing or out-of-scope delegation, not delegation itself. +9. **Counting completion without certifier eligibility** - A campaign with 100% decisions can still be unreliable if certifiers approved their own access or could change the reviewed entitlement. --- @@ -443,4 +486,5 @@ This skill processes identity and entitlement data that may contain adversarial | Version | Date | Changes | |---|---|---| +| 1.1.0 | 2026-06-05 | Added certifier independence, self-review, conflicted certifier, and delegation-scope evidence gates | | 1.0.0 | 2025-03-06 | Initial release | diff --git a/skills/identity/access-review/tests/benign/approved-timebounded-delegation.yaml b/skills/identity/access-review/tests/benign/approved-timebounded-delegation.yaml new file mode 100644 index 00000000..2cf2af15 --- /dev/null +++ b/skills/identity/access-review/tests/benign/approved-timebounded-delegation.yaml 
@@ -0,0 +1,32 @@ +access_review_campaign: + name: "Q2 finance read-only certification" + system_id: "finance-saas" + entitlement_id: "expense-report-reader" + reviewer_of_record_user_id: "finance-operations-manager@example.com" + actual_certifier_user_id: "finance-operations-deputy@example.com" + subject_user_id: "ap-analyst@example.com" + certifier_relationship: "delegated-reviewer" + is_self_review: false + certifier_admin_authority: + can_grant: false + can_revoke: false + can_modify: false + delegation: + approved_by: "access-governance-board" + reason: "reviewer of record on leave" + valid_from: "2026-06-01" + valid_until: "2026-06-14" + permitted_scope: + systems: + - "finance-saas" + environments: + - "production" + entitlements: + - "read-only finance roles" + privileged: false + decision: + result: "approve" + timestamp: "2026-06-05T14:15:00Z" + evidence: "ticket GRC-18442" +expected_findings: [] +expected_result: "passes delegation scope and independence checks" diff --git a/skills/identity/access-review/tests/vulnerable/delegation-out-of-scope.yaml b/skills/identity/access-review/tests/vulnerable/delegation-out-of-scope.yaml new file mode 100644 index 00000000..9bc7c4a5 --- /dev/null +++ b/skills/identity/access-review/tests/vulnerable/delegation-out-of-scope.yaml 
@@ -0,0 +1,28 @@ +access_review_campaign: + name: "Q2 production certification" + system_id: "production-aws" + entitlement_id: "iam-admin" + reviewer_of_record_user_id: "engineering-director@example.com" + actual_certifier_user_id: "platform-team-lead@example.com" + subject_user_id: "ops-admin@example.com" + certifier_relationship: "delegated-reviewer" + delegation: + approved_by: "access-governance-board" + reason: "reviewer of record unavailable" + valid_from: "2026-06-01" + valid_until: "2026-06-14" + permitted_scope: + systems: + - "github-enterprise" + environments: + - "non-production" + entitlements: + - "repo-read" + - "repo-write" + privileged: false + decision: + result: "approve" + timestamp: "2026-06-05T14:15:00Z" +expected_findings: + - "AR-CERT-11" +severity: "High" diff --git a/skills/identity/access-review/tests/vulnerable/self-review-privileged.yaml b/skills/identity/access-review/tests/vulnerable/self-review-privileged.yaml new file mode 100644 index 00000000..70d23566 --- /dev/null +++ b/skills/identity/access-review/tests/vulnerable/self-review-privileged.yaml @@ -0,0 +1,21 @@ +access_review_campaign: + name: "Q2 privileged access certification" + system_id: "prod-aws" + entitlement_id: "iam-admin" + subject_user_id: "alice@example.com" + reviewer_of_record_user_id: "alice@example.com" + actual_certifier_user_id: "alice@example.com" + certifier_relationship: "resource-owner" + is_self_review: true + certifier_admin_authority: + can_grant: true + can_revoke: true + can_modify: true + decision: + result: "approve" + timestamp: "2026-06-05T14:15:00Z" + evidence: "campaign-row-1042" +expected_findings: + - "AR-CERT-09" + - "AR-CERT-10" +severity: "High"
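Review bot: in the SKILL.md `@@ -147,8 +147,37 @@` hunk, step 1 of the eligibility decision logic also flags the case where "the certifier is the owner of the reviewed shared/service account", but the evidence table in the same hunk has no field that records account ownership; `subject_user_id` / `subject_account_id` identify only the subject, and `is_self_review` is a self-reported boolean rather than a value the logic derives. Suggest adding an account-owner evidence field and stating that `is_self_review` is computed from `actual_certifier_user_id` against the subject and owner fields, so an input cannot pass the check merely by asserting `is_self_review: false`.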
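Review bot: step 3 of the eligibility decision logic (same `@@ -147,8 +147,37 @@` hunk) compares a delegated decision against the approved scope but assigns no severity, while the severity table hunk (`@@ -303,8 +335,8 @@`) lists only "out-of-scope delegation for non-privileged access" under Medium and `delegation-out-of-scope.yaml` expects `severity: "High"` for `iam-admin`. Suggest stating the rule in step 3 the way step 1 does ("High for privileged or production access, Medium otherwise") and adding out-of-scope delegation for privileged access to the High examples, so the logic, the table and the fixture agree. Step 2 should also say whether all four compensating controls (secondary approval, immutable audit trail, post-review reconciliation, time-bounded admin activation) are required together or any one suffices; the current "and" reads as all four.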
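Review bot: AR-SOD-08 in the `@@ -252,6 +281,7 @@` hunk describes the same condition as AR-CERT-10 (certifier can grant, revoke or modify the entitlement under review), and `self-review-privileged.yaml` expects only AR-CERT-09 and AR-CERT-10 even though `can_grant`, `can_revoke` and `can_modify` are all `true`. Suggest cross-referencing the two ids and stating which one is reported, or narrowing AR-SOD-08 to the analysis gap (certifier authority not included in the SoD conflict rules), so the "Conflicted certifier decisions" metric is not double-counted.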
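Review bot: the Certification Integrity Metrics hunk (`@@ -352,6 +384,15 @@`) counts "Provisional decisions due to missing certifier evidence", whereas step 4 of the decision logic and AR-CERT-12 mark the campaign completion as Provisional. Suggest picking one granularity (per decision or per campaign) and using it in both places so the metric has a defined denominator.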
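Review bot: in the common pitfalls hunk (`@@ -401,6 +442,8 @@`), items 8 and 9 separate the bold title from the text with a plain hyphen ("**Treating every delegated review as bad** - "), while items 1 through 7 in the same list use "—"; suggest matching the existing separator.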
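Review bot: in `approved-timebounded-delegation.yaml`, `permitted_scope.entitlements` holds the free-text label "read-only finance roles" while the item under review is `entitlement_id: "expense-report-reader"`, so the scope comparison in step 3 has nothing it can match mechanically and the benign result depends on interpretation. Suggest listing entitlement ids, or adding an entitlement-class field to the campaign record that the scope list is compared against. Both fixtures also pair a date-only `valid_until: "2026-06-14"` with a datetime `decision.timestamp`; state whether the end date is inclusive so a decision on the last day is evaluated consistently.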
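Review bot: `delegation-out-of-scope.yaml` omits `is_self_review` and `certifier_admin_authority`, and step 4 of the decision logic says missing certifier-authority evidence makes the completion Provisional (AR-CERT-12), yet `expected_findings` lists only AR-CERT-11. Suggest adding the two fields with benign values (as the benign fixture does) so this case exercises the scope check alone, or adding AR-CERT-12 to the expected findings.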