What are the key processes comprising the solution?
To describe the functionality of the solution, it may be simpler to look at the core processes which enable the management of access. These processes illustrate consecutively the lifecycle in managing an access. Defining the access catalogue The definition of the access catalogue is the first step in the configuration of the access governance assured platform. The access catalogue can be populated with four object types: containers, resources, access and roles. Requesting and approving access
The request for access is made by any personnel with access to the system. The process below illustrates how the access is requested.
Once all the required approvals have been received, the request will be provisioned via the relevant method assigned to the access. Typically this will be either via the service desk, or automated provisioning via a Identity Manager implementation. To ensure that access assignments are kept current, rules can be defined to trigger an attestation of the assignment if any personnel information within the solution is changed. The information change will be provisioned into the solution from authoritative personnel records through an Identity Manager implementation.
A triggered attestation will be routed to the relevant line manager for review. Access assigned will be shown, grouped per resources. Each access must be approved or revoked. |
iam-AGA >