ID | OM-IND-0010 |
---|
Process | Revocation Automation (Process - IAM) |
---|
Indicator | Revocation Automation Ratio |
---|
Version | 1.0 1 Status |
---|
colour | Blue |
---|
title | Ready for peer review |
---|
|
|
---|
Formula | Where: is the set of IT systems in the scope is the set of IT systems for which revocation is automated is the set cardinality function
|
---|
Benchmarking | This indicator is improper for benchmarking unless scopes are comparable. Thus, reporting of this indicator must always be accompanied with its scope definition. |
---|
Rationale | The ratio of revocation automation shows the extent to which revocation has been automated. Assuming that automation accelerates and makes revocation more reliable, it is expected that a high revocation automation ratio leads to higher productivity, strengthened security and reduced risks. |
---|
Guidelines | IT Ass |
---|
Stakeholders | IAM Manager CISO IT Risk Managers
|
---|
Scopes | This indicator may be specialized for different scopes. See Revocation Automation (Process - IAM) for typical scopes. |
---|
Negative Effects | In certain circumstances, the economical benefits of automation may be unjustifiable (e.g.: when processing low volumes of IAM artifacts on non-sensitive IT systems). Pursuing this indicator blindly could lead to economical waste. Poorly implemented automation may lead to new risks, e.g. silent automation errors leading to a false sense of security, automation mechanisms that are vulnerable to compromission or lead to denial of service. Blind spot: the ratio version of the indicator hides newly setup and decommissioned IT systems.
|
---|
Data Sources | IT System inventory CMDB IAM software platform
|
---|
See Also | |
---|