The goal of the IAM Modernization Program is threefold:
- Consolidate IAM solutions to reduce technical debt
- Improve IAM processes
- Join the InCommon community
Due to the significant scope of this effort, the program has been divided into program phases with distinct deliverables.
Phase 0: Research
The project team determined that the program would move forward with the InCommon Trusted Access Platform (TAP), implementing midPoint for identity management and Grouper for group and role management.
Phase I: Group and Role Management
Phase I: Group and Role Management will create the infrastructure to facilitate Role-Based Access Control (RBAC) at the university. Project Charter attached.
Phase II: Password Management
Phase II: Password Management is focused on the modernization of the university's password management tool set.
Future phases may change based on campus and team priorities.
Phase III: Identity Management is expected to modernize the toll set used to create, update, maintain, and administer identities.
Phase IV: Password Store is expected to modernize the infrastructure used to store passwords and integrate with downstream systems.
Phase V: Employee Records Business Logic is expected to review and improve how the identity management systems consolidate, analyze, and process employee data.
Phase VI: Other Business Logic is expected to review and improve how the identity management systems consolidate, analyze, and process all other identity data.