Workforce Long Absence Process
Workforce Long Absence Process
process
Description
The Workforce Long Absence Process is the process that receives announcements by the organization’s designated authorities of workers’ long absences and adapts their identities and access permissions according to the organization’s policy and in compliance with operational level agreements (OLA). Its fundamental goals are to sustain the organization’s productivity while assuring security in compliance with applicable policies and regulations.
The general assumption behind this process is that absentees are often no longer authorized to access or execute operations on the organization’s information system. This requirement may stem from the least privilege or need-to-know principles, contractual obligations, and/or legal requirements. Accordingly, the absentee’s identities and/or access permissions may be required to be deactivated or revoked. Meanwhile, it is desirable that once the absentee returns, her identities and/or access permissions be quickly restored to sustain productivity.
The Workforce Long Absence Process is thus the process that assures efficient and effective management of absences as it relates to identities and access permissions.
Key Requirements
Sustain the organization’s productivity by assuring a smooth transition of the worker from her activity period to her inactivity period and back to her activity period again.
Mitigate security risks caused by unauthorized access.
Assure clear accountability throughout the overall process.
Modes
Planned Long Absence: This mode contrasts with the Immediate Long Leaver mode. It takes place when the long leave is announced early enough for the normal process to take place. Sample circumstances of planned long leaver are planned medical intervention requiring prolonged absence, parental leave, or sabbatical leave. Acceptable delays for planned long leaver should be documented in the IAM Workforce Policy.
Immediate Long Absence: This mode contrasts with the Planned Mover mode. This mode takes place when the circumstances are such that the long leaver cannot be announced within expected delays and takes place immediately or faster than normally expected. Sample circumstances of immediate long leaver are sudden medical or personal conditions requiring prolonged absence. In this mode, the pressing urgency of the situation may lead to errors, inefficiencies, and/or security issues. A mature process should be able to cope with this mode and implement adequate controls to correct errors and security issues.
Triggering Events
The announcement of the worker’s long leave by the organization’s designated authority.
Inputs
The identity of the long leaver
When available, the planned date of return
Timeline
Mover Decision
Mover Announcement
Preparation Period
Effective Move Date
Transition Period
Process Completion
Key Activities
Facilitate a smooth transition: When necessary and within the limits of security requirements, identify the identities and access permissions linked to the worker’s previous function that will be needed after the move date and during the transition period to assure a smooth transition and adequate knowledge transfer, and post-pone their revocation to the end of the transition period.
Identification and deactivation or revocation of identities and access permissions: Assure that the identities and access permissions that are no longer required by the worker’s new function are revoked. Business roles are a fundamental facilitator for this activity.
Identification and provisioning of new identities and access permissions: Assure that the identities and access permissions required by the worker’s new function are provisioned. Business roles are a fundamental facilitator for this activity.
Access Recertification: Depending on the organization’s access recertification policy, trigger the required access recertifications.
Main Output
Returned Worker
Alternative Outputs
After process start, circumstances may change before process completion, leading to the following alternative outputs:
Canceled Long Leaver: When the announced change of function is canceled and the worker finally stays at his original function.
Long Leaver to (Permanent) Leaver: When the announced change of function is canceled because the worker leaves the organization.
Long Leaver to Mover: When the newly announced function is modified for yet another function.
The exceptional nature of the above alternative outputs may lead to errors, inefficiencies, and/or security issues. A mature process should be able to smoothly manage the process transition and implement adequate controls to correct errors and security issues.
Key Indicators
Version
1.0 Draft
Process Map
Parent Process
Related Processes
Access Recertification
Role Engineering
Quotes
Quotes are only available to subscribed users.
Filter by label
There are no items with the selected labels at this time.
Bibliography
-
Everett, 2011 (Bibliography)
-
KPMG and Everett, 2009 (Bibliography)
-
Mowll, 2016 (Bibliography)
-
Osmanoglu et al., 2013 (Bibliography)
-
Young, 2004 (Bibliography)
See Also
-
Workforce Mover Process (Processes)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.