Review per-user entitlements by using Azure AD Entitlement management
Create and configure access reviews for groups and apps
Create and configure access review programs
Monitor access review activity
Respond to access review activity, including automated and manual responses
Plan and manage Azure roles in Privileged Identity Management (PIM), including settings and assignments
Plan and manage Azure resources in PIM, including settings and assignments
Plan and configure Privileged Access groups
Manage PIM requests and approval process
Analyze PIM audit history and reports
Create and manage break-glass accounts
Design a strategy for monitoring Azure AD
Review and analyze sign-in, audit, and provisioning logs by using the Azure AD console
Configure diagnostic settings, including Log Analytics, storage accounts, and Event Hub
Monitor Azure AD by using Log Analytics, including KQL queries