Built-In Standard Processes
Foundational to the success of any identity management and access governance project is a good understanding and modelling of business processes. This requires a core understanding of the relationship of identities to entitlements, to business roles processes and the organizational structure, and relies to a large extent on automated processes.
Omada Identity is based on Omada’s process reference model which is built on concepts from COBIT and other process frameworks. Built- in processes are available for identity lifecycle management, access management, and business alignment. All functional areas are bookended with full governance and administration processes for a complete IGA solution.
Omada IdentityPROCESS+ best practice processes
The IdentityPROCESS+ framework covers a wide range a related processes based on commonly used practices. As an example identity lifecycle includes standard processes for onboarding an employee, a contractor or third party. Likewise, for governance, there are lifecycle processes for the identities, system owners, role owners, and application owners.
The IdentityPROCESS+ framework covers the challenges that organizations meet when they are dealing with:
- Documentation of who has access to which IT data and information resources
- Ensuring that changes to employees and contractors work, implies changing which information resources they have access to
- Improving efficiency in providing the right people with the right access at the right time
- Raising awareness and understanding of information security in organizations by Performing necessary ad hoc and periodic reviews of employees and contractors access to information resources
- Maintaining good information security by ongoing reconciliation of expected versus actual access to information resources
- Maintaining good information security in an ever-changing technical environment.
Best-Practice Processes for Core IAM / IGA functionality
Omada IdentityProcess+ covers all of the following process areas:
- Identity lifecycle management
- Access Management
- Application lifecycle management
- Self-service access request and approval workflows
- Recertification / attestation
- Role, policy and separation of duties (SoD)
- Governance, compliance and audit reporting
- Security breach management
- Password management
Omada IdentityProcess+ framework offers a policy- and business process-centric approach. It allows the creation of logical applications and access policies that the business can read and understand. By defining which processes include the most business critical access policies in systems and applications, it is possible to prioritize the most critical systems to ensure that existing system access and new access requests are driven by business policies and compliance requirements.