Identity Management

The following table summarizes the IT Service lifecycle for the capability. These important underlying activities ensure the functional use cases, and hence the capability supported by the configured technical solution and defined policies and procedures:
cislp142
Aspect
Description
Capability
The management of individual principals, their authentication, authorization, and privileges with or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.
Content/Enabling Technology
  • CA Identity Manager
Foundation Services – Primary Use Cases
  • Create Employee (by HR)
  • Modify Employee (Self-Modify)
  • Terminate Employee on End Date (Automatic)
  • Create Contractor (by Manager)
  • Extend Contractor (by Manager)
  • Modify Contractor (by Manager)
  • Terminate Contractor on End Date (Automatic)
  • Reset User Password (by help desk)
  • Set Security Questions
  • Forgotten Password
Acceleration Services – Primary Use Cases
  • Externalize User Store
  • Provision User to Endpoint
  • Synchronize Endpoint Management
  • Generate Report
  • Regulate Password Format
  • Assign Access Profiles
  • (Automate) User Feed
  • Audit Event Management
  • Generate Event Notifications
  • Generate Reports – User Activity
The following table summarizes the IT Service lifecycle for the capability. These important underlying activities ensure the functional use cases, and hence the capability supported by the configured technical solution and defined policies and procedures:
IT Service Life Cycle
Description
Model
Define and Model either manually or automatically:
  • Define and model identity management policies
  • Define and model email policies, configuration, notifications, and workflows rules to support the identity management capability.
  • Define and model role assignment rules, access privilege patterns, and business rules
Assemble
Configure models either manually or automatically:
  • Configure policies
  • Configure role assignment rules
  • Configure access privilege patterns
  • Configure business rules
  • Configure integration with target/end applications
Automate
According to the defined models either manually or automatically configure the tool to support:
  • Deploy and assign policies and rules
  • Retrieve end applications' account information and store into centralized store
Assure
According to the defined models and policies:
  • Monitor and report policy enforcement status per user and per end application
  • Certify user access periodically and enforce business rules
Secure
According to the defined policies secure access to the solution:
  • Authenticate/Authorize users and allow Access to entitled data
Manage
According to the defined policies manage the solution itself:
  • Monitor Operating Systems and associated processes/services.
  • Monitor the application (product or solution) and associated processes/services
  • Monitor Database Management System and associated processes/services
  • Schedule and perform backups of all servers
  • Schedule and perform regular recovery tests of all servers.