- Business users don't understand or care about entitlements,
identities or governance ... but
- Their input is essential:
- Self-service -- manage security questions and passwords.
- Request input -- for themselves or others.
- Authorization -- approve or reject change requests.
- Access certification -- review entitlements of others.
- Need to maximize comprehension and minimize time spent.
- Simple self-service UI.
- Roles: request sets of entitlements with a friendly name.
- Pre-defined requests: simplify common transformations, such as
change of address, scheduled termination, etc.
- Windows shell extension and SharePoint integration: trigger
requests from "access denied" error dialog.
- "Model after" UI: compare entitlements between two users.