Skip to main content

Posts

Showing posts with the label Identity Management

Access Management

Access Management sometimes also referred to as ''Rights Management'' or ''Identity Management'' provides authorized users the right to use a service, while preventing access to non-authorized users. Because Access Management essentially executes policies defined in IT Security and Availability Management, these two processes will likely be responsible for defining the appropriate roles within Access Management. It is critically important that well defined interfaces between the business and Access Management are seen as vital to achieving high security standards. Typically, responsibilities of both sides are defined in a dedicated Information Security Policy. As an example, policy may specify that HR will inform Access Management in a timely fashion about employees entering or leaving the company. This should lead to having a single set of policies related to managing rights and access.   The Service Desk may be used as a means to request access to