...
Responsibility | Category | ||||||
|---|---|---|---|---|---|---|---|
Assure that only the right people or entities have the right access at the right time to enable the organization to securely reach its goals |
| ||||||
Assess existing IAM capabilities, develop a risk-based IAM strategic roadmap aligned with the organization's goals and obtain top management sponsorship for it |
| ||||||
Embrace Identity and Access Management holistically including Workforce IAM, 3rd Party IAM, Client IAM, Object IAM, Technical IAM or PAM and Physical Access |
| ||||||
Develop an IAM technological roadmap to sustain the organization's digital transformation |
| ||||||
Find, recruit, train and develop IAM talents |
| ||||||
Design and implement an authorization process that assure the legitimacy and appropriateness of access permissions |
| ||||||
Assure coverage of IAM processes over the information system by dynamically integrating IT Asset Management inventories |
| ||||||
Identify and analyze IAM related risks in alignment with the organization's risk management framework |
| ||||||
Conduct regulatory and industrial watch to identify regulatory, contractual and industrial requirements and best practices |
| ||||||
Facilitate and provide evidences for internal and external audits on IAM related topics and manage related findings and recommendations |
| ||||||
Embed IAM requirements by design in the SDLC, Project, and Change Management processes |
| ||||||
Assure adequate traceability in IAM processes to fullfill compliance and security requirements |
| ||||||
Reconciliate systems with authorizations to identify and act upon anomalous identities and accesses |
| ||||||
Use data analytics to identify and report respond to anomalous identities, accesses, and behaviors |
| ||||||