Description
The Workforce Long Leaver Process is the process that receives announcements by designated authorities of workers’ long leaves and adapts their identities and access permissions. Its fundamental goals are to sustain the organization’s productivity while assuring security.
Key Requirements
Sustain the organization’s productivity by assuring a smooth transition of the worker from her activity period to her inactivity period and back to her activity period again.
Mitigate security risks caused by unauthorized access.
Assure clear accountability throughout the overall process.
Modes
Planned Long Leaver: This mode contrasts with the Immediate Long Leaver mode. It takes place when the long leave is announced early enough for the normal process to take place. Sample circumstances of planned long leaver are planned medical intervention requiring prolonged absence, parental leave, or sabbatical leave. Acceptable delays for planned long leaver should be documented in the IAM Workforce Policy.
Immediate Long Leaver: This mode contrasts with the Planned Mover mode. This mode takes place when the circumstances are such that the long leaver cannot be announced within expected delays and takes place immediately or faster than normally expected. Sample circumstances of immediate long leaver are sudden medical or personal conditions requiring prolonged absence. In this mode, the pressing urgency of the situation may lead to errors, inefficiencies, and/or security issues. A mature process should be able to cope with this mode and implement adequate controls to correct errors and security issues.
Triggering Events
Timeline
Mover Decision
Mover Announcement
Preparation Period
Effective Move Date
Transition Period
Process Completion
Key Activities
Facilitate a smooth transition: When necessary and within the limits of security requirements, identify the identities and access permissions linked to the worker’s previous function that will be needed after the move date and during the transition period to assure a smooth transition and adequate knowledge transfer, and post-pone their revocation to the end of the transition period.
Identification and deactivation or revocation of identities and access permissions: Assure that the identities and access permissions that are no longer required by the worker’s new function are revoked. Business roles are a fundamental facilitator for this activity.
Identification and provisioning of new identities and access permissions: Assure that the identities and access permissions required by the worker’s new function are provisioned. Business roles are a fundamental facilitator for this activity.
Access Recertification: Depending on the organization’s access recertification policy, trigger the required access recertifications.
Main Output
Alternative Outputs
After process start, circumstances may change before process completion, leading to the following alternative outputs:
Canceled Long Leaver: When the announced change of function is canceled and the worker finally stays at his original function.
Long Leaver to (Permanent) Leaver: When the announced change of function is canceled because the worker leaves the organization.
Long Leaver to Mover: When the newly announced function is modified for yet another function.
The exceptional nature of the above alternative outputs may lead to errors, inefficiencies, and/or security issues. A mature process should be able to smoothly manage the process transition and implement adequate controls to correct errors and security issues.
Key Indicators
- Document the Workforce Long Leaver indicators