# 45 Mandatory-absence review

> v0.0.1 · role: Detect · [policy: #30 · #2](https://docs.google.com/spreadsheets/d/1nOztaPd1Y7eNeRSR_hdovYy-ncpx-bAx/edit?usp=sharing&ouid=115159875779023172526&rtpof=true&sd=true)

Finance and admin staff are required to take real, contiguous leave, and while they are away someone else reviews what their account does: sessions rotated, mailbox delegations and forwarding rules inspected, activity checked. Fraud and quiet persistence both depend on the perpetrator being present to suppress the evidence, and an enforced absence takes that away. It is an HR and employment-terms control with no console surface.

## Caveats

- The whole detection value is in the review that happens during the absence — that is the step organisations skip, and without it the leave is just leave.
- It detects, it does not prevent — irregularities surface after the fact, so it belongs alongside the technical controls that would have stopped them, not instead of them.

_Process control — carried out offline; no Admin Console walkthrough._

## Ongoing maintenance

- **[requires a human]** Annually per covered role: schedule the absence and run the review while access is suspended.

## How to verify

1. Check every covered role has a scheduled contiguous absence in the last cycle and that the review-during-absence produced a written result.
