Identity Management is about 3 things:
- Identity life-cycle
- Provisioning accounts
- Access requests and approval
This discussion is to provide a framework for the Identity Life-Cycle, and the data needed in IM to support this. The life-cycle is implemented in IM as processes to support JML (Joiner, Mover Leaver).
Typical processes include:
- Mover (change user type, job, manager)
- Change name
- Suspend (inactive, long-term-leave)
- Resume (from leaver or inactive)
NOTE: these processes are often not just single events, but can span several IM Tasks – from a request, to several actions over time.
The aim of this document is to suggest a set of attributes that may be used to support these processes. A new project could include these attributes (as a starting point) knowing that it can support usual JML processes.
NOTE: more attribute may be needed, because of specific requirements at any organisation.