Obtain an adequate level of assurance that obsolete or invalid IAM artifacts (i.e. identities, principals, credentials, authorizations) are revoked in a timely manner to assure the validity of the authentication and authorization processes and thus protect the organization from identity or access abuse.
Inputs
Revocation triggers
Identity theft / compromise incidents
Leavers process
Movers process
Re-certification decisions
Revocation requests
System decommissioning
Organization policies
Activities
Verify that revocation triggers are warranted, so as to avoid or mitigate business / technical disruptions
Manually or automatically invalidate (e.g. by deactivation, cancellation or removal) IAM artifacts (i.e. identities, principals, credentials, authorizations) in compliance with, and within the time limits set by, organization policies
Outputs
Revoked IAM artifacts (i.e. identities, principals, credentials, authorizations)
Audit logs
Mechanisms of revocation automation
Enforced account lockout policies
If applicable: Information forwarded to relying parties
Indicators
See sub-processes listed under Activities.
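The timeliness check implied by the activities and indicators above, written as an added example that is not part of the original page: revocation triggers are reconciled against the revocation audit log, every artifact that is still valid past its policy deadline or was invalidated late is reported, and a single indicator (share of artifacts revoked in time) is derived. The policy delays, artifact inventory and audit entries are constructed sample values, not values from the page.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Maximum delay between a revocation trigger and invalidation, per artifact type (constructed policy values)
POLICY_MAX_DELAY = {"credential": timedelta(hours=4), "authorization": timedelta(hours=24),
                    "principal": timedelta(hours=24)}

@dataclass(frozen=True)
class Trigger:          # a leaver, mover, compromise or decommissioning event
    trigger_id: str
    subject: str        # identity the trigger applies to
    at: datetime

@dataclass(frozen=True)
class AuditEntry:       # one revocation recorded in the audit log
    subject: str
    artifact_type: str
    artifact: str
    at: datetime

def check_revocation_timeliness(triggers, artifacts_by_subject, audit_log, now):
    """Return (trigger_id, type, artifact, status, overdue_by) for each artifact revoked late or not at all."""
    revoked_at = {}
    for e in audit_log:  # keep the earliest recorded revocation per artifact
        key = (e.subject, e.artifact_type, e.artifact)
        revoked_at[key] = min(e.at, revoked_at.get(key, e.at))
    findings = []
    for t in triggers:
        for a_type, artifact in artifacts_by_subject.get(t.subject, ()):
            deadline = t.at + POLICY_MAX_DELAY[a_type]
            done = revoked_at.get((t.subject, a_type, artifact))
            if done is None and now > deadline:          # still valid past the policy deadline
                findings.append((t.trigger_id, a_type, artifact, "NOT_REVOKED", now - deadline))
            elif done is not None and done > deadline:   # revoked, but later than policy allows
                findings.append((t.trigger_id, a_type, artifact, "LATE", done - deadline))
    return findings

def timely_revocation_rate(artifacts_by_subject, findings):
    """Indicator: share of in-scope artifacts invalidated within the policy delay."""
    total = sum(len(v) for v in artifacts_by_subject.values())
    return 1.0 if total == 0 else 1 - len(findings) / total

# Constructed sample: one leaver whose three artifacts must all be revoked
TRIGGERS = [Trigger("LEAVER-001", "alice", datetime(2024, 3, 1, 9, 0))]
ARTIFACTS = {"alice": [("credential", "api-key-1"), ("authorization", "role:admin"),
                       ("principal", "alice@corp")]}
AUDIT_LOG = [AuditEntry("alice", "credential", "api-key-1", datetime(2024, 3, 1, 10, 0)),
             AuditEntry("alice", "authorization", "role:admin", datetime(2024, 3, 3, 12, 0))]
NOW = datetime(2024, 3, 5, 0, 0)
```

Run against the sample, the credential is revoked in time, the authorization is reported as LATE and the principal as NOT_REVOKED, giving a timely revocation rate of one third.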
Scopes
At the level of an organization entity, program or project, the process scope may be defined using the scope dimensions listed below. At the organization level, however, the scope must be embraced holistically, considering all of these scope dimensions, in order to manage revocation risks effectively.
User populations: permanent employees, contractors, partners, customers, consumers, authorities
Identity categories: humans, robots, processes
Principal categories: user accounts, technical accounts, service accounts
Security session mechanisms, with or without account lockout policies
IT Systems (business applications, infrastructure, …)
Organizational scope (region, division, unit, …)
Risks
Leaving invalid (e.g. stolen, compromised, illegitimate, obsolete) IAM artifacts (i.e. identities, principals, credentials, authorizations) exposed to abuse
Causing business / technical disruptions through unwarranted (unnecessary, illegitimate) revocations, or through revocations that did not properly manage organizational or technical dependencies
Unreliable revocation automation leading to a false sense of security
Uninformed relying parties that trust invalid IAM artifacts