Mission
Assure that only the right people and entities have the right access at the right time to enable the organization to securely reach its goals.
Responsibilities
Responsibility | Category |
---|---|
Assure that only the right people or entities have the right access at the right time to enable the organization to securely reach its goals | GOVERNANCE |
Assess existing IAM capabilities, develop a risk-based IAM strategic roadmap aligned with the organization's goals and obtain top management sponsorship for it | GOVERNANCE |
Embrace Identity and Access Management holistically including Workforce IAM, 3rd Party IAM, Client IAM, Object IAM, Technical IAM or PAM and Physical Access | GOVERNANCE |
Develop an IAM technological roadmap to sustain the organization's digital transformation | GOVERNANCE |
Find, recruit, train and develop IAM talents | GOVERNANCE |
Design and implement an authorization process that assure the legitimacy and appropriateness of access permissions | GOVERNANCE |
Assure coverage of IAM processes over the information system by dynamically integrating IT Asset Management inventories | IDENTIFY |
Identify and analyze IAM related risks in alignment with the organization's risk management framework | IDENTIFY |
Conduct regulatory and industrial watch to identify regulatory, contractual and industrial requirements and best practices | IDENTIFY |
Facilitate and provide evidences for internal and external audits on IAM related topics and manage related findings and recommendations | IDENTIFY |
Embed IAM requirements by design in the SDLC, Project, and Change Management processes | IDENTIFY |
Assure adequate traceability in IAM processes to fullfill compliance and security requirements | IDENTIFY |
Reconciliate systems with authorizations to identify and act upon anomalous identities and accesses | IDENTIFY |
Use data analytics to identify and respond to anomalous identities, accesses, and behaviors | IDENTIFY |