1. Yes, the QESSO console offers numerous ways to report on users and applications. Among them, Account reporting allows you to list all users accounts collected by QESSO for a given application:
Audit reporting allows you to see who accessed an application or tried to during certain windows of time:
An example event:
Dashboards offers other metrics that can be visualized in a more graphical way:
2. This is one of the main features of QESSO. Once you manages the user's passwords for their applications (as QESSO does), you can use it to define access rules. Those rules can be defined from within the QESSO console and leverage the company directory. You can grant access based on OUs, groups, or single accounts (users as well as computers).