Skip to main content


Showing posts from April, 2010

Successful Certification

Certification in identity management is generally used to confirm or revoke existing user accounts and HR information.  The focus being on existing accounts is used to distinguish between general access request approval workflows and post approval workflows.  During the access request phase a manager or IT owner will approve or reject whether someone should have additional access to a system.  This is not a new concept and was managed perfectly well, long before this process was automated using provisioning solutions.

Certification or attestation is more concerned with analysing users who have already been granted access to a current system.  This periodic post approval process is more to do with seeing if previous access request actions are still needed.  This also leads to other analytical steps such as identifying users who may have moved jobs, or left the organisation.  Another useful bi-product of analysing existing users is to locate what's known as 'orphan accounts'…