Monday | 6 July, 2009
CSO
Role management software: Making it work for you
Mary Brandel (CSO (US)) 09/09/2008 09:44:00
Page:

Role management software enables the creation and lifecycle management of enterprise job roles, according to Forrester Research. It does this by discovering and logically grouping application-level, fine-grained authorizations and entitlements into enterprise job roles, which can then be assigned to people by rule-based provisioning or request-approval workflows.

In its 2007 survey of 35 organizations, Burton Group found that the number of role management initiatives has grown significantly since 2003, especially in the financial services industry. The top business drivers include:

  • Administrative efficiencies for access management
  • Ease of audit and compliance
  • Improved security controls for access and authorization

The payoff? In return for your efforts, expect the following benefits:

  • Simplified number of managed entities
  • Improved visibility into available resources
  • Better enforcement of policy
  • Improved relationship of IT with the business

All of this comes at a price, of course. Burton Group warns that role management requires a significant investment in up-front effort. In its survey, it found the average annual budget for these efforts was about US$1.2 million. Project funding was widely variable, says Kevin Kampman, senior analyst at Burton, and was sometimes embedded in other initiatives such as ERP or identity management implementations, with investments ranging from nothing (in one case) to between $10 and $1,000 per user. Small and midsize businesses can plan to implement role mining and design projects for $300,000 to $500,000, while large, complex organizations will face $500,000 to $1 million price tags, according to Forrester.

The Burton Group says major challenges for these projects include:

  • Establishing the relationship of roles to business and administrative processes
  • Setting guidelines for defining and establishing roles
  • Determining who should participate and in what capacity
  • Determining how to maintain roles over time
  • Associating roles with resources
  • Determining how to associate business process and policy with roles

Page:
More about Forrester Research, Gartner, Courion, Burton Group, Cigna, ABN Amro, Oracle, SAP, Speed

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

Reducing the risk of insider abuse

The potential for insider abuse can never be eliminated completely, but the steps outlined in this white paper can reduce the potential for such abuse. Read on to ensure no one person can alter your operations to their personal advantage or to the detriment of your organisation.

Sponsored Links