Online ITIL training manuals state that there are four processes that define the ITIL Service Operation phase of the ITIL Lifecycle: Event Management (Incident Management), Request Fulfillment, Problem management, and finally, the main focus of this post, Access Management. ITIL Access Management Process is designed to allow authorized users to access a service and prevent non-authorized users from using it. This is an important process, as it protects the business’ data and ensures that only those employees who need the data to perform their work can access it. This protects intellectual property. Let’s take a closer glance at Access Management.
The 2 objectives
Access management is about granting users the right to use a service or group of services. An IT service provider may offer several services, assets, or configuration items. Each service or configuration item must only be available to those or groups that have the right to use it. Consider, for example, that a service is used by a company to list the details of an employee’s salary and compensation package. This service should be available to all employees. No. This service should only be granted to responsible human resource personnel. Another service that transfers money between departments or to suppliers is also available. This service should only be granted to finance department personnel.
The second objective of ITIL Access Management Process refers to the implementation of policies and activities as defined in Security and Availability Management. This is also an objective for the access management process. Access Management aims to provide services that are accessible only to the right people or groups. Security and Availability Management policies and activities also form part of Access Management’s objectives. Security Management is responsible for data protection and allowing data or services to only be made available to the responsible persons or groups. Access Management grants rights to people or groups who use services. Security and Availability Management Process collaborates with Access Management Process in defining policies and activities.
Policies, principles, and basic concepts
The service catalog lists the services offered by an IT Service Provider. These services include access, identity and rights, service or group groups, and directory services. Let’s take a look at the details of Access Management.
Access Management Term: Access
Access refers to the ability to access the service functionality or data that a user has permission to use. We have used the example of a service that lists the details of the employee’s salary and compensation package in an IT Service Provider. This service is only accessible by the human resources team and is not available to other employees.
Access Management Tern Identity
Identity is information that identifies an individual and verifies his or her status within an organization. An identity is required to access services, assets, or configuration items offered by an IT Service provider. An identity is required to log in to the system and access the IT service provider’s services. By definition, a user’s identity is unique. Different IT service providers may use different identity conventions. It could be the user’s name and surname, email address of the employee, ID of user, or social security number. These are examples of unique identities that an IT Service provider could use. (CLICK)
Access Management Term: Rights
Rights refers to the current settings that allow a user to access a service or group of services. For more information,