Identity and access management IAMT
(new)
Manages identity verification and access permissions within organizational systems and environments.
SFIA 9 is in development
- SFIA 9 beta due in early July 2024
- SFIA 9 planned for publication October 2024
This is a prototype for SFIA 9. It is subject to change before publication.
- Identity and access management was previously part of Security operations SCAD
Disclaimer - prototypes/new skills may be substantially modified prior to launch or may never be released.
Guidance notes
(new)
Activities may include, but are not limited to:
- implementing identity and access management (IAM) frameworks in line with organizational goals and compliance with regulations like GDPR, HIPAA, or SOX
- streamlining user authentication with single sign-on solutions and enhancing security with multi-factor authentication
- managing user access rights from onboarding to offboarding, including integration with cloud services, enterprise applications, and directory services like LDAP or Active Directory
- using role-based and attribute-based access controls to manage user privileges and access, aligning with organizational roles and attributes
- implementing privileged access management tools for secure monitoring and control of critical asset access
- handling incident responses related to access issues, like unauthorized access or identity theft, and regularly auditing access to maintain security and compliance
- conducting identity governance and administration to enforce policies, managing digital identities including user accounts, groups, and roles.
Understanding the responsibility levels of this skill
Where lower levels are not defined...
- Specific tasks and responsibilities are not defined because the skill requires a higher level of autonomy, influence, and complexity in decision-making than is typically expected at these levels. You can use the essence statements to understand the generic responsibilities associated with these levels.
Where higher levels are not defined...
- Responsibilities and accountabilities are not defined because these higher levels involve strategic leadership and broader organisational influence that goes beyond the scope of this specific skill. See the essence statements.
Developing skills and demonstrating responsibilities related to this skill
The defined levels show the incremental progression in skills and responsibilities.
Where lower levels are not defined...
You can develop your knowledge and support others who do have responsibility in this area by:
- Learning key concepts and principles related to this skill and its impact on your role
- Performing related skills (see the related SFIA skills)
- Supporting others with tasks (generic examples are provided by the essence statements for each level)
Where higher levels are not defined...
- You can progress by developing related skills which are better suited to higher levels of organisational leadership.
Levels
Defined at these levels: 1, 2, 3, 4, 5, 6
Identity and access management: Level 1
(new)
Performs basic IAM tasks, including user account lifecycle management, under supervision.
Maintains accurate records and follows established IAM protocols.
Identity and access management: Level 2
(new)
Provides assistance for IAM operations, including automated role allocation and access control management.
Engages in user identity lifecycle management, including account creation and deletion.
Facilitates operation of IAM tools and self-service portals.
Identity and access management: Level 3
(new)
Administers standard IAM services, implementing policies and resolving related issues. Manages monitoring, audits, and logging for IAM systems.
Assists users in defining their access rights and privileges. Designs and implements simple IAM solutions, enhancing user access security.
Investigates minor security breaches in accordance with established procedures related to IAM.
Contributes to the enhancement and optimization of existing IAM processes and systems.
Identity and access management: Level 4
(new)
Designs and implements complex, advanced IAM solutions, focusing on automated access control and role allocation.
Oversees the integration of IAM services with new technologies.
Provides specialised support for complex IAM operations and supports implementation of policies and standards.
Collaborates with stakeholders to align IAM with business objectives and emerging security trends.
Identity and access management: Level 5
(new)
Offers authoritative advice on IAM, ensuring services align with and support evolving business needs and security protocols.
Manages large-scale IAM initiatives and oversees the integration of IAM services with new technologies, enhancing security and operational efficiency.
Leads operational planning for IAM, anticipating future trends and preparing the organization for scalable growth.
Ensures IAM systems' compliance and oversees advanced monitoring and audit processes.
Identity and access management: Level 6
(new)
Shapes and defines organisation-wide IAM policies, ensuring alignment with business strategies and security requirements.
Champions IAM best practices, advocating for robust and innovative IAM solutions across the organization.
Influences and guides organizational IAM governance, integrating emerging technologies and regulatory compliance into IAM strategies.
Reviews and advises on IAM aspects and implications of new business initiatives.