Conditional Access Policy Modification Procedure

This admin procedure will provide a brief overview on modifying an existing conditional access policy.

What are Conditional Access Policies

Conditional Access policies at their simplest are if-then statements, if a user wants to access a resource, then they must complete an action.

Administrators are faced with two primary goals:

• Empower users to be productive wherever and whenever.
• Protect the organization's assets.

Use Conditional Access policies to apply the right access controls when needed to keep your organization secure.

Procedure Scope: Administrators

Required Group Membership: Admin.UserSecurity

Modifying a Conditional Access Policy

1. Navigate to Conditional Access – Azure Active Directory, locate the policy you wish to alter.
   
2. Upon opening the conditional access policy, 4 points of interest will be available to Edit. You can modify the sections as needed.
   1. Basics: Adjusts non-functional items of the policy, such as the Name.
      
   2. Assignments: Controls access based on who the policy will apply to such as users and groups, all or specific cloud apps or actions, or conditions which define when the policy will apply.
      
   3. Access Controls: Block access or select additional requirements which need to be satisfied to allow access or enable limited experience within cloud applications.
      
   4. Enable Policy: Specifies if the policy will be in a dormant state or an enforcement state.
      
3. After editing any of the settings listed, saving of settings will be done by clicking the Save button. The conditional access policy has been adjusted at this point. Propagation to endpoints can range from 20 – 240 minutes, depending on the policy.
   

You're Finished!