Tivoli Identity Manager provides self-service interfaces so that users can manage common tasks, such as resetting passwords and requesting access to new systems.
More detailed information about Tivoli Identity Manager can be found in the IBM Redbooks publication Identity Management Design Guide with IBM Tivoli Identity Manager, SG24-69968.
The IBM ISS Identity and Access Management Services9 offerings can help you design, implement, deploy, and maintain an integrated identity management system in your organization as well as manage your identity processes as a managed service.
Level 2: Compliant
Maturity level 2 adds an emphasis on process transparency and managing evidence to deliver proof to auditors that the processes are in place and effective. Tivoli Identity Manager's audit trail and reporting capabilities provide reporting about the execution of the Tivoli Identity Manager processes.
Tivoli Identity Manager is also integrated with the IBM Tivoli Security Information and Event Manager10 product, which collects and manages security audit related information from a wide variety of sources. Tivoli Security Information and Event Manager can integrate with the Tivoli Identity Manager directory so that Tivoli Security Information and Event Manager can be used to monitor the actions of Tivoli Identity Manager administrators. Furthermore, Tivoli Security Information and Event Manager can compare the audit trail of activity in Tivoli Identity Manager with audit trails from managed IT systems to detect when administrators in managed IT systems have attempted to bypass the Tivoli Identity Manager-established business processes for managing access to the system.
Using both the built-in Tivoli Identity Manager reporting function and the integration with Tivoli Security Information and Event Manager, the organization can demonstrate to auditors what the documented business process is for managing access to the IT systems, show audit trail reports that show the process is being followed, and demonstrate that the organization has the capability to detect when someone attempts to bypass the process.
Level 3: Consolidated
At maturity level 3, the offboarding policy is consolidated and standardized across the organization. At this maturity level, there is also at least some common infrastructure used by the entire organization to implement the offboarding processes.
There are several possible approaches for consolidation in offboarding processes, and each is described in the following sections:
On/offboarding service bus
HR systems and emergency block application
Offboarding event audit server
This IBM Redbooks publication can be found at the following Web site: http://www.redbooks.ibm.com/abstracts/sg246996.html?Open More information about this offering can be found at the following Web site: http://www.ibm.com/services/us/index.wss/offerfamily/gts/a1027701 More product information about Tivoli Security Information and Event Manager can be found at the following Web site: http://www.ibm.com/software/tivoli/products/security-info-event-mgr/