- Who? (Types of users):
Employees, contractors, vendors, partners, customers.
- Why? (Business events):
Hire, move, change job function, terminate.
- What? (Change types:)
Create/move/disable/delete user, update identity data and
entitlements, reset passwords.
- Where? (Applications:)
AD, Exchange, Notes, ERP, Linux/Unix, database, mainframe,
Slow onboarding, change fulfillment.
Many FTEs needed to implement security changes.
Unreliable access termination, inappropriate user
entitlements. Enforce SoD policies.
Who has access to what? How/when did they get it?