Mission
Assure that only the right people and entities have the right access at the right time to enable the organization to securely reach its goals.
Responsibilities
| Responsibility | Domain | Category |
|---|---|---|
| Assess existing IAM capabilities, define a vision, develop a risk-based IAM strategic roadmap aligned with the organization's goals, and obtain top management sponsorship for it | All | GOVERNANCE |
| Embrace Identity and Access Management holistically, including all IAM domains: Workforce IAM, 3rd Party IAM, Client IAM, Object IAM, Technical IAM or PAM, and Physical Access | All | GOVERNANCE |
| Assure that the IAM function and program are supervised by and report to adequate governing bodies | All | GOVERNANCE |
| Design and implement IAM policies that establish clear requirements and accountability across all IAM domains | All | GOVERNANCE |
| Develop an IAM technological roadmap to sustain the organization's digital transformation | All | GOVERNANCE |
| Find, recruit, retain, train, and develop IAM talent | All | GOVERNANCE |
| Design and implement authorization processes that assure the legitimacy and appropriateness of access permissions | All | GOVERNANCE |
| Assure coverage of IAM processes over the information system by dynamically integrating IT Asset Management inventories | All | IDENTIFY |
| Identify and analyze IAM-related risks in alignment with the organization's risk management framework | All | IDENTIFY |
| Conduct regulatory and industry watch to identify regulatory, contractual, and industry requirements and best practices | All | IDENTIFY |
| Facilitate and provide evidence for internal and external audits on IAM-related topics, and manage the related findings and recommendations | All | IDENTIFY |
| Embed IAM requirements by design in the SDLC, Project, and Change Management processes | All | IDENTIFY |
| Effectively implement remediation plans to mitigate IAM-related risks and remediate findings | All | PROTECT |
| Implement and maintain role-based and other access control models consistent with the organizational structure, with due respect for the least-privilege principle and its specialized form, need-to-know | All | PROTECT |
| Design, implement, operate, and continuously improve IAM controls to efficiently and effectively assure compliance with regulatory, contractual, and industry best-practice requirements | All | PROTECT |
| Design, implement, and continuously improve privileged and technical access management processes and capabilities to effectively mitigate the risks of highly privileged access | PAM/TAM | PROTECT |
| Mitigate fraud and accidents by deploying Segregation of Duties (SoD) and toxic-rights controls | All | PROTECT |
| Deploy authentication mechanisms whose robustness is commensurate with risk | All | PROTECT |
| Clean the information system of anomalous identities, including orphaned accounts, and anomalous access permissions | All | PROTECT |
| Implement an efficient off-boarding process that effectively mitigates the risk of unauthorized access by former employees | Workforce IAM | PROTECT |
| | 3rd Party IAM | PROTECT |
| | Workforce IAM | PROTECT |
| | Workforce IAM, 3rd Party IAM, PAM/TAM | PROTECT |
| | All | PROTECT |
| | All | PROTECT |
| Reconcile systems with authorizations to identify and act upon anomalous identities and accesses | All | DETECT |
| Assure adequate traceability in IAM processes to fulfill compliance and security requirements | All | DETECT |
| In coordination with Security Operations, deploy, maintain, and continuously improve monitoring and analytics capabilities that detect anomalous authentications and accesses, in order to deter unauthorized access | All | DETECT |
| Use data analytics to identify and respond to anomalous identities, accesses, and behaviors | All | DETECT |
| In coordination with the CSIRT / Incident Response Team, continuously prepare and improve IAM response capabilities (including SOPs) to effectively contain and eradicate security incidents when they occur | All | RESPOND |
| Suspend anomalous identities and revoke their accesses in response to security incidents, in liaison with the CSIRT / Incident Response Team | | |
| Investigate the root causes of identity and access anomalies | | |
| Contingency planning to recover from large scale incidents? | | RECOVER |
| Enhance workforce productivity with efficient staff on-boarding and transfer processes | | |
| Leverage the IAM function as an accelerator for | | |
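The PROTECT and DETECT rows above (SoD and toxic-rights controls, cleaning up orphaned accounts, and reconciling systems against authorizations) all rest on the same mechanism: comparing what an authoritative identity source says, what the access-request process approved, and what actually exists on a target system. The script below is an added example written for this page, not a tool from the original text or from any IAM product; the HR roster, authorization records, system account export, SoD rules and the account names in it are all constructed sample data, and the finding codes are hypothetical labels chosen for illustration.

```python
"""Reconcile an authoritative HR roster, approved authorizations and a
system's actual accounts, then flag the anomalies an IAM team acts on.

All data below is constructed for illustration; names, entitlements and
finding codes are hypothetical, not from any real organization or product.
"""

# Authoritative identity source (e.g. an HR export): identity -> attributes
HR_ROSTER = {
    "alice": {"status": "active", "dept": "finance"},
    "bob": {"status": "active", "dept": "engineering"},
    "carol": {"status": "terminated", "dept": "finance"},  # left the company
}

# Entitlements approved through the access-request / authorization process
AUTHORIZED = {
    "alice": {"ap_create_vendor", "ap_approve_payment"},  # each approved separately
    "bob": {"prod_deploy"},
}

# Accounts actually present on the target system (e.g. a connector export)
SYSTEM_ACCOUNTS = {
    "alice": {"ap_create_vendor", "ap_approve_payment"},
    "bob": {"prod_deploy", "db_admin"},  # db_admin was never approved
    "carol": {"ap_approve_payment"},  # leaver whose account is still enabled
    "svc_backup": {"db_admin"},  # no identity in HR: orphaned account
}

# Segregation-of-duties rules: entitlement combinations one person must not hold
SOD_RULES = [
    frozenset({"ap_create_vendor", "ap_approve_payment"}),
    frozenset({"prod_deploy", "db_admin"}),
]

# Default remediation per finding type (hypothetical playbook mapping)
ACTIONS = {
    "ORPHANED_ACCOUNT": "disable account, identify owner or decommission",
    "LEAVER_ACCOUNT_ACTIVE": "disable account immediately, confirm off-boarding ran",
    "UNAPPROVED_ENTITLEMENT": "revoke entitlement or regularize via access request",
    "SOD_VIOLATION": "remove one entitlement or record a compensating control",
    "AUTHORIZED_NOT_PROVISIONED": "review stale authorization, revoke if unused",
}


def reconcile(hr, authorized, system_accounts, sod_rules):
    """Return a list of (finding_type, account, detail) tuples.

    Detail is the offending entitlement, the SoD rule ('a+b'), or None.
    """
    findings = []
    for account, entitlements in system_accounts.items():
        identity = hr.get(account)
        if identity is None:
            # Account with no authoritative identity behind it
            findings.append(("ORPHANED_ACCOUNT", account, None))
            continue
        if identity["status"] != "active":
            # Off-boarding should have disabled this account
            findings.append(("LEAVER_ACCOUNT_ACTIVE", account, None))
        # Entitlements present on the system but never approved
        for ent in sorted(entitlements - authorized.get(account, set())):
            findings.append(("UNAPPROVED_ENTITLEMENT", account, ent))
        # Toxic combinations actually held, regardless of how they were granted
        for rule in sod_rules:
            if rule <= entitlements:
                findings.append(("SOD_VIOLATION", account, "+".join(sorted(rule))))
    # Approved but not provisioned: stale authorizations worth cleaning up
    for identity, ents in authorized.items():
        for ent in sorted(ents - system_accounts.get(identity, set())):
            findings.append(("AUTHORIZED_NOT_PROVISIONED", identity, ent))
    return findings


def summarize(findings):
    """Count findings per type, the figure a reconciliation report leads with."""
    counts = {}
    for kind, _, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    for kind, account, detail in reconcile(HR_ROSTER, AUTHORIZED, SYSTEM_ACCOUNTS, SOD_RULES):
        where = f"{account}" + (f" [{detail}]" if detail else "")
        print(f"{kind:<28} {where:<45} -> {ACTIONS[kind]}")
    print(summarize(reconcile(HR_ROSTER, AUTHORIZED, SYSTEM_ACCOUNTS, SOD_RULES)))
```

The SoD check deliberately runs on the entitlements observed on the system rather than on the approved set: each of alice's two entitlements was approved on its own, so an authorization-only review would miss the toxic combination. In a real deployment the three inputs come from the HR system, the access-request workflow and a per-application connector, and every finding should carry enough context (account, entitlement, rule) to be traceable in the ticket that closes it.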