Scenarios overview

Edit online

The following scenarios describe some of the common activities that users and administrators do in IBM Verify Identity Governance to configure the environment and complete daily tasks.

The company, for the purposes of these scenarios, is a large public insurance company. Employees at the company have a wide variety of roles, from accounting to adjusting claims, to customer service. The company grew both organically and through acquisitions over time. As a result, the company has many fragmented information technology systems and processes for managing its business.

In some cases, these systems are used by only a few individuals or they are dependent on employee responsibilities. For example, accountants use a proprietary accounting software developed internally.

Customer service representatives use a customer relations management (CRM) system that was developed and serviced by a third party. Other systems, such as email and voice mail, are common to all employees.

Internal policies are in place to control access to these resources. For example, customer service representatives are not allowed access to accounting software. These policies are difficult to manage and control, requiring approval forms or email tag.

When employees switch departments and jobs, significant time can pass before the employee is removed from old systems and added to new systems. The delays create security issues and decrease productivity.

The need to control access to resources also places a burden on the insurance company management. Managers provide approvals for subordinates who need new access to resources, remove access in some circumstances, and regularly audit those resources for accounting purposes. Away from the office or on vacation, managers often have no way to delegate approvals to other individuals. They must keep records of such delegation in the form of paper or email.

Because it is a large public company, it is also required to follow many securities regulations and must make regular internal audits. Audit reports are time consuming and done manually, often once or twice a year at considerable expense.

Because of the expense and loss of productivity in managing this complex environment, the insurance company decided to implement IBM Verify Identity Governance.

The scenarios in this section demonstrate how company employees would use IBM Verify Identity Governance to provision employees into an identity system and do common identity management activities. These scenarios are grouped by the type of user who does the activity. Out of the box, IBM Verify Identity Governance provides views for these five common user types:
  • System administrator

    This person is responsible for IBM Verify Identity Governance setup and administration activities. Activities include provisioning people, adding services, defining access entitlements, and setting permissions for system users. In most organizations, these administrative tasks are assigned to different users with different roles, permissions, and responsibilities. For the purposes of these scenarios, these administrative tasks are done by one person.

  • Service owner

    This person is responsible for enabling users to do tasks associated with services and access entitlements.

  • Help desk

    This person is responsible for assisting users with common user and account management tasks, such as locked accounts and passwords.

  • Manager

    This person is responsible for users who report to them.

  • Auditor

    This person is responsible for auditing the system by creating reports.

  • Non-administrative user

    This person is a common user of resources whose identity is managed by IBM Verify Identity Governance.

The scenarios are just a subset of activities that these user types do, but they highlight some of the capabilities that IBM Verify Identity Governance offers.