The role of Technical and Application Management

⇐ Предыдущая 231 232 233 234235236 237 238 239 240 Следующая ⇒

The role of the Service Desk

Access Management roles

Since Access Management is an execution of Security and Availability Management, these two areas will be responsible for defining the appropriate roles. It is unusual for an organization to appoint an ‘Access Manager’, although it is important that there is a single Access Management process and a single set of policies related to managing rights and access. This process and the related policies are likely to be defined and maintained by Information Security Management and executed by the various Service Operation function s. Their activities can be summarized as follows.

The Service Desk is typically used as a means to request access to a service. This is normally done using a Service Request. The Service Desk will validate the request by checking that the request has been approved at the appropriate level of authority, that the user is a legitimate employee, contractor or customer and that they qualify for access.

Once it has performed these checks (usually by accessing the relevant databases and Service Level Management document s) it will pass the request to the appropriate team to provide access. It is quite common for the Service Desk to be delegated responsibility for providing access for simple services during the call.

The Service Desk will also be responsible for communicating with the user to ensure that they know when access has been granted and to ensure that they receive any other required support.

The Service Desk is also well situated to detect and report incidents related to access. For example, users attempting to access services without authority; or users reporting incidents that indicate that a system or service has been used inappropriately, i.e. by a former employee who used an old username to gain access and make unauthorized changes.

Technical and Application Management play several important roles as follows:

During Service Design, they will ensure that mechanisms are created to simplify and control Access Management on each service that is designed. They will also specify ways in which abuse of rights can be detected and stopped
During Service Transition they will test the service to ensure that access can be granted, controlled and prevented as designed
During Service Operation these teams will typically perform Access Management for the systems under their control. It is unusual for teams to have a dedicated person to manage Access Management, but each manager or team leader will ensure that the appropriate procedure s are defined and executed according to the process and policy requirement s
Technical and Application Management will also be involved in dealing with Incidents and Problems related to Access Management
If Access Management activities are delegated to the Service Desk or IT Operations Management, Technical and Application Management must ensure that the staff are adequately trained and that they have access to the appropriate tools to enable them to perform these tasks.

⇐ Предыдущая 231 232 233 234235236 237 238 239 240 Следующая ⇒

Поделиться с друзьями:

Дата добавления: 2014-12-23; Просмотров: 348; Нарушение авторских прав?; Мы поможем в написании вашей работы!

Нам важно ваше мнение! Был ли полезен опубликованный материал? Да | Нет

studopedia.su - Студопедия (2013 - 2024) год. Все материалы представленные на сайте исключительно с целью ознакомления читателями и не преследуют коммерческих целей или нарушение авторских прав! Последнее добавление

Генерация страницы за: 0.008 сек.