Access Manager

From IT frameworks

Jump to: navigation, search

Contents

Job Description for the position of Access Manager

Access Management is a discipline in IT service management. Access Management is rarely a separate role in organizations. The functions of Application and Technical Management usually perform the predefined activities in the Access Management process as defined by Service Design.

The role of Access Manager is to ensure the goals of the Access Management process are achieved. The main objective is to grant authorized users the right to use a service while preventing access to non-authorized users in order to protect the CIA of information and infrastructure:

  • Confidentiality (Only authorized users have access to the information)
  • Integrity (Information is accurate and up to date)
  • Availability (Information is available when expected)

Access Management provides the right (permission) for users to be able to use a service or group of services. It is therefore the execution of policies and activities defined in Service Design (Information Security Management)

The main goal of Service Operations life cycle phase is to restore normal service as soon as possible. Normal service is based on customer perspective and must be defined in a SLA.

Access Management is a key process in Service Operations so Access Management activities are:

  • Predefined
  • Enabling users to return to normal service as soon as possible
  • Providing value to the customer

The job

The Access Manager is a position within the scope of Access Management ITILv3 process.

This document provides a good description of the position but is not complete for every organization. Adjust as necessary.

Position

Production

Key Performance Indicators (KPIs):

  • Number of Access requests not handled at present
  • Response times - Amount of Access requests handled within the time scale defined in the SLA
  • Number of presently open unauthorized Access rights

Metrics:

  • Number of bypasses of the Access Management process
  • Number of Access requests performed through the Access Management process
  • Number of Access requests performed with the Directory Services tool to manage access and rights
  • Number of triggers to process
  • Number of Access requests processed per agent
  • Number of users attempting to access services without proper authority
  • Number of users sharing passwords for access rights
  • Number of Access requests from users compared to Access Management being triggered by Event Management
  • Number of live operational SLAs in use
  • Number of Security Policies in use
  • Number of many to one Access requests through use of group rights
  • Number of complaints and/or letters of praise
  • Identifying, logging, categorizing and prioritizing all Access requests.
  • Access Management cost - Cost based on time used from Access request logging to closure.
  • Percentage number of Access requests from customer compared to operational changes
  • Results of customer satisfaction surveys
  • Hours worked against budget

Responsibilities

Access Manager is responsible for:

  • Tasks
    • Access request detection and reporting
    • Logging, categorization and prioritizing of Access requests
    • Triggering other necessary key processes with defined input
    • Access request investigation and diagnosis
    • Access requests closure after verification from users
    • Evaluating Access Requests to determine if they are likely to reoccur
    • Ensuring adherence to SLA
    • Ensuring adherence to priority based management based on impact + urgency
    • Production of management information in relation to agreed SLAs
    • Making recommendations for Service Improvement Plans
    • Ensuring the Access Management process is performed as designed.
    • Developing a Access Management process model for the role of Access Manager.
    • Ensuring the Access Management process is fit for purpose.
    • Ensuring process description meets objectives
    • Sponsorship, design, and continual improvement of the process and its metrics.
    • Following the organization's policies relating to employment.
  • Personnel
    • Leading and supporting the Access Management team.
    • Motivate the employees you are responsible for. Help them thrive in a challenging work environment.
    • Understanding the full scope of the Access Management process.
    • Ensuring that all your co-workers in projects understand and follow all procedures they are involved with.
    • Ensuring any disagreements with employees have the opportunity to become RFCs.

Authority

  • Category:Service Design design time scales (For Access Management to adhere to SLA).
  • Service Design designs Access Management Models with predefined activities. Any changes to these activities must be transitioned.
  • Access requests outside the scope of the SLA are escalated to the Service Operations manager.

Resources

Internal resources

  • The Access Manager has internal resources available as defined by the organization for process owners.

External resources

  • The Access Manager has external resources as appropriate to ensure the fulfilment of the objectives of the Access management process.

Qualifications

It is expected that the Access Manager has the competence required to competently manage the Access Management ITILv3 process.

It is expected that he/she constantly acquires knowledge necessary to continually manage the Access Management ITILv3 process better so that expectations are continually met.

Advancement

As Access Manager you have the possibility to apply for positions as Service Operations Manager and other key positions in the Operations life cycle phase. You are also encouraged to apply for other positions in Application and Technical Management.

Retrieved from "http://www.itframeworks.org/wiki/Access_Manager"