Access Management is a hot topic. It is about controlling who has access to what or, in other terms, who is entitled. Entitlements are what we need to manage. A common approach on that is Role Management. Role Management is established, there is a lot of experience. However, this experience led to two important learnings:
1) You need more than roles - you need to understand competencies, context, and the businesses processes.
2) Role Management approaches are typically to coarse grain for a complete access management down to the system level. The result is that there is the high level management done by roles. The lowest level of this role model (which typically is 2- or 3-tiered) then is mapped to the highest level within the different systems: SAP roles, Active Directory groups or whatever else.
A better Access Management, really and fully managing the entitlements, needs to go beyond roles and beyond a static assignment of entitlements. It is about moving foward to a Dynamic Authorization Management that integrates with what you have. That is a longer journey, but you should start now. The session will provide best practices, experiences and advice on how to move forward to real entitlement management.
