Tuesday, November 08, 2011

Self-service Provisioning with Quest One Identity Manager

There’s a great 5 minute video that gives a nice overview of the self-service provisioning capability within Quest One Identity Manager. I’ve embedded it below or you can get to it here. There are a few key things worth highlighting about this demo that I think you’ll be interested in so watch for:
  • How Scott Harris – the approver of Candice Clark being provisioned – is given an indication that there are no separation of duty (SOD) conflicts apparent if Candice is provisioned. What is cool here is that this SOD check is built right into the approval request. This helps move compliance front-and-center to the business manager who is responsible for approving the request.
  • Scott can also easily see the history of the request. In a more complicated scenario Scott would be able to see who else was involved in the workflow request, who initiated the request and via the same interface Scott can also see the next decision steps for the workflow.
Rather than different interfaces for compliance and complex workflows it is possible for business managers to easily understand that they have provisioning requests waiting for them, why they got the request, if approving the request would violate any compliance rules and who else might be involved in approving the request.

These types of capabilities really enable business owners in an organization to participate fully in their company’s identity and access governance initiatives.