Data Sheet
Introduction
This page presents a map of IAM processes. Progressively, individual processes will be documented on dedicated pages and links will be provided to facilitate navigation between the map and individual process documentation.
This map does not prescribe one particular organizational structure; that is, IAM process components may be located in or spread among different organizational units.
This map favors comprehensiveness over consistency, sometimes at the cost of process overlaps. Organizations may of course choose not to implement some processes or to structure them differently.
The objective of this map is to help IAM consultants or managers to check the comprehensiveness of an organization’s existing IAM process model, to design a target IAM process model and to develop an IAM transformation roadmap.
The methodology used to establish this map is described in Mapping the IAM Processes.
Process Map
IAM | Governance | IAM Strategy
Program Management
General Management
Anti-Fraud Management
Physical Security
Compliance
Policies, Requirements & Procedures
Standards Adoption
Innovation Management
Support | Self-Services
Support | Core Identities Support
Customer Identities Support
3rd Parties Support
Workforce IAM | Identity Management | Joiner Process
Mover Process
Leaver Process | Normal Leaver
Urgent Leaver
People Classification
Block Leaves
Robots Management
Authentication Management | MFA Management
Single Sign-On Management
SmartCards Management
Tokens Management
Access Rights Management | Manual Provisioning
Manual Revocation
Access Automation
Role Management | Role Engineering
Organization Restructuring Projects
Role Deployment
IT Systems Management | IT System Onboarding
IT System Offboarding
IT System Review
3rd Party IAM | 3rd Party Onboarding
3rd Party Offboarding
3rd Party Monitoring
PAM / TAM | Privileged and Technical Accounts Discovery
Privileged and Technical Accounts Onboarding
Privileged and Technical Accounts Recertification
Privileged and Technical Accounts Offboarding
Customer IAM | To be developed
Audit, Control & Monitoring | Audit
IT Systems Reconciliation | Manual Reconciliation Controls
Reconciliation Automation
Logs & Events Management | Manual Controls
Use Cases Automation
Recertifications | Line Manager Recertifications
Resource Owner Recertifications
Business Role Owner Recertifications
External Identities Recertifications
3rd Party Recertifications
SoD & Toxic Rights | Manual Controls
Control Automation
IAM Technological Infrastructure Management | IAM Platform & Systems
Identity Repositories
Systems Integration
Automation | User and Group Provisioning on to the IAM Platform
Technological Solutions | DevOps
DevSecOps
Federations
SDLC | SDK
API
Micro-Services
Containers