The lifecycle of information system users, and more specifically their identities and authorisations, is an essential component of your IAM strategy.
It entails modelling employees’ various possible advancements within the company, from arrival through to exit, and linking in the actions to take in terms of allocating IS access rights. All events in the lives of users within their organisation need to be factored in if you want to ensure that the correct rights are allocated to the right people, and to make IT authorisation audits easier: entry, mobility, exit, change of surname, change or job or posting, long-term absence, transfer, in-house promotions, etc.
Identity lifecycle management is about more than just the company, and forms a key part of information system openness strategies. It potentially affects all populations – human and technical – that might log into the information system: employees, temporary staff, providers, suppliers, partners and customers, but also third-party services, generic or shared accounts, connected objects, etc.
Keeping control of identity lifecycle management is therefore an essential precondition for access management because it will facilitate the technical processes involved in provisioning accounts and IS rights and carrying out authorisation reviews to ensure that each IS user has the correct rights at the right time.