Who performs access fulfilment (provisioning and de-provisioning of user access) to the network and systems within your company? Is it a first-line function operated by Technology (e.g. Service Desk)? If not, what department or team performs this function within your company?
Our ITO (Information Technology Office) is involved with the process of identity creation and deactivation but does not control or orchestrate it. Both onboarding and offboarding process flows are controlled and initiated by our HR organization. Our service desk is part of that process, but they follow standards and policies set out by our Office of the CISO.
Service Desk via a signal from HR, and communication with the hiring manager to determine system configuration, licenses, etc. Ours is not automated, but I would like to work towards that. The issue we have is when contractors do not go through HR, we struggle with getting leave notices to remove access and licenses.
We have both processes automated from our HR system. What we have found is critical is training of hiring managers to be prompt in executing the HR processes so the provisioning/de-provisioning gets triggered. Our goal is every new employee has an awesome first day, which means a working laptop and all necessary software/accounts. Procrastination in executing termination in HR system causes us security risk.
In our case it's a combination of HR, who trigger the creation of the new employee within our IAM systems once they've done the initial work in Workday, and the hiring manager (who will create requests in the IT service portal for a PC, phone, etc., and in the access rights portal for access to key applications). The service desk can assist with all that, but isn't usually involved if there isn't an issue. Physical setup is typically done by the user, or by on-site support on the few sites large enough to warrant it.
In our company we have a dedicated Identity and Access Management team. Basic provisioning and deprovisioning of access is automated via ServiceNow request and Sailpoint. Anything more exotic (particularly access to legacy systems) is performed manually by IAM.
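Several replies above describe the same failure modes of HR-driven provisioning: terminations entered late so access lingers, and contractors or other identities created outside the HR flow with nobody to signal their departure. A periodic reconciliation of the HR roster against the directory catches both. The following is an added illustration, not code posted by any participant or taken from any named product; the `HrRecord` and `DirectoryAccount` shapes, the sample roster and the `grace_days` parameter are all assumptions made for the example.

```python
"""Reconcile an HR roster against directory accounts (added example, hypothetical data model).

Reports three classes of finding:
  stale_enabled   - enabled accounts whose HR record is terminated (past any grace period)
  no_hr_record    - enabled accounts with no HR linkage at all (contractors who bypassed HR,
                    service accounts, ad hoc creations) that need an explicit owner and leave date
  missing_account - HR-active people with no account yet (the "bad first day" case)
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class HrRecord:
    employee_id: str
    status: str                         # "active" or "terminated" (assumed vocabulary)
    termination_date: Optional[date] = None


@dataclass(frozen=True)
class DirectoryAccount:
    username: str
    employee_id: Optional[str]          # None when the account was created outside the HR flow
    enabled: bool


# Constructed sample data; no real people or systems.
HR_ROSTER = [
    HrRecord("E1001", "active"),
    HrRecord("E1002", "terminated", date(2024, 3, 1)),
    HrRecord("E1003", "active"),        # hired, but no account linked yet
]
DIRECTORY = [
    DirectoryAccount("alice", "E1001", True),
    DirectoryAccount("bob", "E1002", True),        # left per HR, still enabled
    DirectoryAccount("ctr-dave", None, True),      # contractor never entered in HR
    DirectoryAccount("svc-backup", None, True),    # service account, also no HR owner
    DirectoryAccount("old-temp", "E0900", False),  # already disabled; ignored
]


def reconcile(hr_roster, directory, grace_days=0, today=None):
    """Return a dict of findings; grace_days tolerates a short lag between HR termination
    date and the deprovisioning run before an account counts as stale."""
    today = today or date.today()
    hr_by_id = {r.employee_id: r for r in hr_roster}
    linked_ids = {a.employee_id for a in directory if a.employee_id}
    findings = {"stale_enabled": [], "no_hr_record": [], "missing_account": []}

    for acct in directory:
        if not acct.enabled:
            continue                                   # only live access matters here
        rec = hr_by_id.get(acct.employee_id) if acct.employee_id else None
        if rec is None:
            findings["no_hr_record"].append(acct.username)
            continue
        if rec.status == "terminated":
            # A terminated record with no date is treated as overdue immediately.
            overdue = (rec.termination_date is None
                       or (today - rec.termination_date).days > grace_days)
            if overdue:
                findings["stale_enabled"].append(acct.username)

    for rec in hr_roster:
        if rec.status == "active" and rec.employee_id not in linked_ids:
            findings["missing_account"].append(rec.employee_id)

    return findings


if __name__ == "__main__":
    for category, names in reconcile(HR_ROSTER, DIRECTORY, today=date(2024, 3, 10)).items():
        print(f"{category}: {names}")
```

Run on a schedule, the `no_hr_record` list is the one that addresses the contractor gap: every enabled account in it needs a named owner and an end date recorded somewhere, or it will never receive a leave signal. The `grace_days` value should match the real lag between HR entry and the automated deprovisioning job; anything older than that is a genuine miss rather than a timing artefact.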