Skip to end of banner
Go to start of banner

IAM Manager

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Mission

Assure that only the right people and entities have the right access at the right time to enable the organization to securely reach its goals.

Responsibilities

Responsibility

Category

Assess existing IAM capabilities, develop a risk-based IAM strategic roadmap aligned with the organization's goals and obtain top management sponsorship for it

GOVERNANCE

Embrace Identity and Access Management holistically including Workforce IAM, 3rd Party IAM, Client IAM, Object IAM, Technical IAM or PAM and Physical Access

GOVERNANCE

Assure that the IAM function and program are supervised by adequate governing bodies

GOVERNANCE

Design and implement IAM policies that establishes clear requirements and accountability for IAM topics

GOVERNANCE

Develop an IAM technological roadmap to sustain the organization's digital transformation

GOVERNANCE

Find, recruit, train and develop IAM talents

GOVERNANCE

Design and implement an authorization process that assure the legitimacy and appropriateness of access permissions

GOVERNANCE

Assure coverage of IAM processes over the information system by dynamically integrating IT Asset Management inventories

IDENTIFY

Identify and analyze IAM related risks in alignment with the organization's risk management framework

IDENTIFY

Conduct regulatory and industrial watch to identify regulatory, contractual and industrial requirements and best practices

IDENTIFY

Facilitate and provide evidences for internal and external audits on IAM related topics and manage related findings and recommendations

IDENTIFY

Embed IAM requirements by design in the SDLC, Project, and Change Management processes

IDENTIFY

Assure adequate traceability in IAM processes to fullfill compliance and security requirements

IDENTIFY

Reconciliate systems with authorizations to identify and act upon anomalous identities and accesses

IDENTIFY

Use data analytics to identify and respond to anomalous identities, accesses, and behaviors

IDENTIFY

Effectively implement IAM remediation plans to mitigate IAM related risks

PROTECT

Assure identity proofing and XXX

PROTECT

Implement roled-based and other access control models to assure least privilege

PROTECT

Design, implement, and execute IAM controls to efficiently and effectively assure compliance with regulatory, contractual and industrial best practice requirements

PROTECT

Home office and remote access

PROTECT

Privileged and technical access management

PROTECT

Off-boarding and security

PROTECT

Mitigate fraud and accidents by deploying SoD and toxic rights controls

PROTECT

Deploy authentication mechanisms whose robustness is commensurate with risk

PROTECT

Clean the information system from orphaned accounts

PROTECT

Recertification

PROTECT

Remediate anomalous identities and accesses

PROTECT

Define and implement a password and secrets management policy

PROTECT

  • No labels