All Research
Advisory Note

Why don't you like this?

I like this
I don't like this

Enterprise role management done right

Martin Kuppinger
Matthias Reinwarth
Role-based access control (RBAC) has become an important part of Access Management and Access Governance. However, defining, implementing and maintaining an enterprise role model remains a substantial task and many projects fail. This document describes best practice approaches towards the right data model, efficient processes and an adequate organization for implementing role management as the foundation for achieving administrative efficiency and maintaining regulatory compliance.

1 Management Summary

Managing access to resources within an organization is one of the essential tasks in Identity and Access Management Systems (IAM). Being able to access an application system and to use an adequate subset of its functionalities usually requires the execution of administrative tasks within the individual application which provide the required authorisation to a user and his or her associated account. The entirety of the required access for an individual user is defined by the set of all business processes that need to be executed and covers a variety of access rights across a multitude of systems technically reflecting the functionalities associated with the individual business processes.

Many organizations choose to create an enterprise role design breaking down existing complexity into manageable roles as both tool for organizational processes and to achieve efficient security management. However, defining, implementing and maintaining an enterprise role model remains a substantial task and many projects fail.

This Advisory Note presents KuppingerCole’s approach towards Enterprise Role Management. It emphasises a fully strategic approach that is strictly deploying a top-down methodology which derives business roles from the entirety of business processes by identifying relevant actors within these processes. By applying stepwise refinement these business roles are subsequently mapped to system-level roles as provided through a clearly defined interface to target systems.

Defining, implementing and continuously maintaining Enterprise Role Management processes requires a strong and consistent organization involving various stakeholders across the enterprise structure and has to rely on substantial, consistent and strategic management support. Role Management processes which are not fully embedded in an organisation’s administrative processes are typically destined to fail due to a lack of enterprise commitment.

Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 600+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use