Module Summary

What you built in Module 0

Seven sections took you from "identity is managed in this tenant" to a data-backed understanding of where governance exists and where it's absent. You ran the queries. You have your numbers.

A governance baseline for your own tenant — specific percentages for attribute coverage, lifecycle stage maturity, permission creep, non-human identity inventory, and access review quality. These numbers are the "before" in the before-and-after comparison the capstone produces.

Six reusable diagnostic scripts — identity census, lifecycle stage assessment, permission creep analysis, review quality evaluation, non-human identity census, and stale identity detection. These run in minutes and produce the data governance decisions are based on.

The three diagnostic questions — why does this identity have this access, when was it last reviewed, who is accountable — that you'll apply to every governance decision for the rest of the course.

The NE lab environment — 15 persona accounts with deliberate attribute gaps, 13 groups with varying governance states, 7 app registrations, 5 guest accounts, and admin role assignments that reproduce the separation of duties gap.

The program package structure — five components (ADRs, governance cadences, risk register, compliance evidence, executive summary) ready to receive artifacts from Module 1 onward.

What Module 1 builds

Module 1 — The Entra ID Identity Ecosystem — turns the diagnostic data from Module 0 into documented decisions. You'll examine every identity type as a governance object, map the data model that lifecycle automation depends on, measure data quality as a governance prerequisite, design group architecture, scope administrative units for delegation, model licensing costs, and produce the first governance state assessment with ADRs and risk register entries.

The transition from "I know where the gaps are" to "I've documented the gaps and started building the program" happens in Module 1.