A walk through of an IAM program to understand what is involved and how it all flows.
This includes:
- Application Onboarding - Onboard applications into the IAM ecosystem, so that the applications will inherit IAM-related common controls. Where an application cannot be onboarded, the application owner must implement and evidence compensating controls.
- Access Provisioning & Deprovisioning - Addition, update, or removal of access, either automated or manual, as a result of a joiner event, mover event, leaver event, or an approved access request.
- Access Reviews - All of the specific IAM access reviews (accounts, access roles, entitlements, etc.) are performed on schedule and the certifications are stored as evidentiary material. Tools automate access review and certification processes. Access certification tools use workflow processes, identity analytics and business-friendly interfaces to present user and entitlement data to reviewers.
- Authentication - Establishes that a user, application, or system attempting to access a system or application is in control of valid authenticators associated with that account.
- Authorization - The decision whether an account attempting to access system or application resources possesses the entitlements that grant that access.
- Privileged Access Management - The IAM requirements, strategies, processes, and solutions for exerting control over the privileged access for users, accounts, processes, and systems across an IT environment.