#1473 Establishment of the Skill Identity and Access Management change request pending
In our SFIA Assessments in serveral organizations, we lacked a way to adequately represent the topic of Identity and Access Management. We find IAM partially in the SCAD, but this leads to a mixing of security operations and IAM, which can result in incorrect / incomplete reports and conclusions. We suggest an dedicated Identity and Access Management Skill.
In our SFIA Assessments in serveral organizations, we lacked a way to adequately represent the topic of Identity and Access Management. We find IAM partially in the SCAD, but this leads to a mixing of security operations and IAM, which can result in incorrect / incomplete reports and conclusions. We suggest an dedicated Identity and Access Management Skill. The skill could include tasks like:
- Creating, updating and deleting user accounts
- Establishing and updating (automated) access controll and procedures, policies and rules
- Establishing and updating (automated) role allocation and procedures, policies and rules
- Establishing Monitoring, Audits and Logging
- Establishing Single Sign On
- Establishing Multi-Factor Authentification
- Identity Life Cycle management
- Operation and Maintanence of IAM Tools and Self Service portals
The level advancements could be based on the scope (for one, serverall or all IT-Systems in an organization) and responsibilities (e.g. assisting, suggesting, deciding).
After Level 4 you could add further tasks like
- Responsibility for the overall integration in the whole IT Landscape
- Responsibility for overall Compliance (e.g. EU GDPR)
Proposed change applies to Security operations
Current status of this request: pending