Delegated construction and maintenance of Orgchart data - Hitachi ID Identity Manager
Hitachi ID Org Manager is a component of Hitachi ID Identity and Access Management Suite which is automatically enabled
for every Hitachi ID Identity Manager licensee.
In many organizations, data connecting users to their managers is
incomplete and/or outdated. This can make it difficult to deploy
identity management and access governance automation, which may
depend on the relationship between users and their managers to
automate authorization, escalation and certification processes.
Org Manager, included with Identity Manager, helps organizations to construct
and maintain complete and accurate data mapping every user to their
Org Manager constructs and updates OrgChart data with:
- Automated invitations to managers:
Managers are automatically invited to review and update a list of
their direct reports. Managers can:
- Attach users with no known manager to their list.
- Transfer users to other managers.
- Request that users who report to other managers be transferred to them.
- Flag users who have been terminated.
- Identify the subordinates who are managers as well (i.e., have their
- Electronic signatures:
Org Manager requires managers to sign off on their list of subordinates.
Signatures act as evidence that a manager has completed their review
and made any required corrections.
- Top-down OrgChart construction:
Once a manager has signed off on their list of subordinates,
lower-level managers are automatically invited to perform the same
review of their own list of subordinates.
- Escalation and reminders:
Managers who fail to respond to an invitation from Org Manager to
review their list of subordinates are automatically sent reminders.
After N reminders, an alternate user is invited to act in update
the original manager's list.
- HR and Directory integrations:
Org Manager can import OrgChart data from an LDAP directory, from
Active Directory or from an HR system, such as SAP HR or PeopleSoft.
When managers sign off on updated lists of subordinates, these
can be written back to AD or LDAP.
Org Manager includes a variety of built-in reports, that
are used to answer questions such as:
- Who reports to user X?
- Who does user Y report to?
Org Manager is an enabling technology -- helping organizations to
cost-effectively construct and maintain OrgChart data, which can be
subsequently be used to automate identity management and access
governance processes such as change authorization, approvals
escalation and access certification.
- Access Governance:
Assigning appropriate initial security entitlements, monitoring and controlling the security rights of users and prompt/reliable access deactivation using Hitachi ID Identity Manager access governance.
- Automated User Provisioning and Deactivation:
Automated propagation of changes to user profiles from systems of record (such as HR) to target systems (such as Active Directory, Exchange, RAC/F and more).
- Identity Synchronization:
Synchronizing identity attributes such as names, department codes and phone numbers between multiple systems and applications.
- Self-service Profile Updates and Access Requests:
A self-service portal allows users to update their profiles and request access to applications and resources.
- Delegated Security Administration:
Enabling business stake-holders such as managers and application owners to manage users and entitlements directly, without involving IT.
- Access Certification:
Periodically inviting managers and application owners to review lists of users and security entitlements, either certifying them as still-appropriate or asking that they be removed.
- Access Request Portal:
A web portal where users can submit change requests on behalf of themselves or others.
- Authorization Workflow:
All change requests, regardless of where they originated, may be subject to approvals before being implemented.
- Role-based Access Control:
Assigning security entitlements to users indirectly, through roles can reduce the cost of ongoing administration and simplify the change management user interface.
- Standardizing User Entitlements:
Ensuring that new users and newly created accounts are configured in compliance with corporate standards.
- Self-service management of security group membership:
Self-service management of thousands of AD groups using the built-in component Group Manager.
- Delegated construction and maintenance of Orgchart data:
Self-service construction and maintenance of OrgChart data using the built-in component Org Manager.
- Report on Users and Entitlements:
Organizations can run report to list users, entitlements, change history and more across every application.
- Automated Connectors and Human Implementers:
A rich set of connectors and a built-in process to invite system administrators support rapid deployment of the solution to all systems and applications.