Wednesday, November 24, 2010

Basics of Identity and Access Management (IAM)

What is Identity and Access Management?
Identity and Access Management (IAM) has recently emerged as a critical foundation for
realizing business benefits in terms of cost savings, management control, operational
efficiency, and, most importantly, business growth for eCommerce. Today, almost all businesses
conduct their commerce through open doors, whether it is through a Web site, allowing business partners to
access the company’s IT resources, or conducting business through a storefront. As Web services become
more mainstream, that openness will significantly increase. It is clear that the doors of the enterprise are wide open for business. While this openness provides business opportunities, it also presents security challenges and potential risks. Moreover, businesses must provide this access for a growing number of
identities, both inside and outside the organization.
It is no longer sufficient to just manage passwords. When trading partners, customers or employees are
allowed broader access to the infrastructure, it is important to carefully identify who the user is, what they need access to, what they have access to, what they can do and what can be done with their information, all while ensuring compliance with corporate policies.

IAM comprises people, processes and products to manage identities and access to
resources of an enterprise. Additionally, the enterprise must ensure the
correctness of data in order for the IAM Framework to function properly. IAM
components can be classified into 4 major categories: authentication, authorization, user
management and central user repository. The ultimate goal of
the IAM Framework is to provide the right people with the right access at the right time.

Authentication
This area comprises authentication management and session management.
Authentication is the module through which a user provides sufficient credentials to gain
initial access to an application system or a particular resource. Once a user is
authenticated, a session is created and referred to during the interaction between the user
and the application system until the user logs off or the session is terminated by other
means (e.g. timeout). By centrally maintaining the session of a user, the authentication module provides a Single Sign-On service, so that the user need not log on again when accessing another application.

Authorization
Authorization is the module that determines whether a user is permitted to access a
particular resource. Authorization is performed by checking the resource access request,
typically in the form of a URL in a web-based application, against authorization policies
that are stored in an IAM policy store. Authorization is the core module that implements
role-based access control.

User Management
This area comprises user management, password management, role/group
management and user/group provisioning. The user management module defines the set of
administrative functions such as identity creation, propagation, and maintenance of user
identity and privileges. One of its components is user life cycle management, which enables
an enterprise to manage the lifespan of a user account, from the initial stage of
provisioning to the final stage of de-provisioning.
Self-service is another key concept within user management. Through a self-profile
management service, an enterprise benefits from timely updates and accurate maintenance
of identity data. Another popular self-service function is self-password reset, which
significantly alleviates the help desk workload of handling password reset requests.
User management requires an integrated workflow capability to approve some user
actions such as user account provisioning and de-provisioning.

Central User Repository
The Central User Repository stores and delivers identity information to other services, and
provides a service to verify credentials submitted from clients. The Central User
Repository presents an aggregate or logical view of the identities of an enterprise. Directory
services adopting LDAPv3 standards have become the dominant technology for the Central
User Repository.


IAM Life Cycle

Figure: IAM Life Cycle

The figure depicts the identity management lifecycle:
• User Provisioning: The identity management lifecycle begins with the provisioning of the user.
• User Management: Once the user is provisioned, the next phase of identity management is the ongoing
maintenance of the users’ access rights, passwords, and accounts. Applying policy-based
management to the user’s identity can assist in automating the management of access control. For
example, policies can be set up that define the resources, applications and functions that a user in the
accounting department should have access to.
• Policy Management: Policy-based management is the glue that pulls all of this together. It allows
automatic updating of access rights, based on membership in a particular group or department. In
addition, it also ensures that corporate policies are enforced consistently across the enterprise.
• Privacy: In response to privacy regulations, enterprises must secure the privacy of certain types of
information that are related to specific individuals.
• Account Closure: Deleting the account when the identity is no longer needed.
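
The policy-based part of this lifecycle, as an added example that is not part of the original post: access rights are derived from department membership, so a transfer or an account closure produces the grants and revocations needed to bring the account back in line with policy. The department names, entitlement strings and the identity record layout are constructed for illustration.

```python
# Constructed policy: department -> entitlements its members should hold.
DEPARTMENT_POLICY = {
    "accounting": {"ledger:read", "ledger:write", "payroll:read"},
    "sales": {"crm:read", "crm:write"},
}
BASELINE = {"email", "intranet"}  # assumed entitlements of every active user


def desired_entitlements(identity):
    """Entitlements that policy says this identity should hold right now."""
    if identity["status"] != "active":
        return set()  # account closure: nothing remains
    desired = set(BASELINE)
    for dept in identity["departments"]:
        desired |= DEPARTMENT_POLICY.get(dept, set())
    return desired


def reconcile(identity, current):
    """Compare what the identity holds with what policy allows and return
    the (grants, revocations) that close the gap."""
    desired = desired_entitlements(identity)
    return desired - current, current - desired


def apply_changes(current, grants, revocations):
    """Entitlement set after the provisioning system applies the changes."""
    return (current | grants) - revocations


if __name__ == "__main__":
    user = {"status": "active", "departments": ["accounting"]}
    held = set()
    for step, change in [
        ("provision", {}),
        ("transfer to sales", {"departments": ["sales"]}),
        ("account closure", {"status": "closed"}),
    ]:
        user.update(change)
        grants, revocations = reconcile(user, held)
        held = apply_changes(held, grants, revocations)
        print(step, "| grant:", sorted(grants), "| revoke:", sorted(revocations))
```

Because revocations are computed from the same policy as grants, a transfer removes the old department's rights instead of leaving them to accumulate.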

KPIs in WebSphere Business Modeler

Business measures are the modeling elements that extend a process model to
create a business measure model. These include situation events, triggers,
counters, stopwatches, metrics, and KPIs.
A business measure is a variable that describes the behavior of a particular
business action that an employee, a process, or a business unit performs.
Identifying and measuring the right variables are at the core of an effective
measurement system. Managers can use this data to lead their organizations
and make informed decisions.
The development of business measures for a process or processes reflects
management's decisions on the design of monitored dashboards (that reflect the
organization’s goals and objectives), as well as the allocation of resources and
the organization of the company. In addition, the design of the business
measures is affected by the design of the business processes. Then, the
management reaction to business measure (monitored) results will affect, in turn,
the redesign of the processes.
KPIs
A key performance indicator (KPI) is just that—an important indicator of how well
a process or an organization is performing. The most effective KPIs are based on
strategic goals. A strategic goal is an executive statement of direction in support
of a corporate strategy. The strategic goal is a high-level goal that is quantifiable,
measurable, and results-oriented. For business measures modeling, the
strategic goal is translated into a KPI that enables the organization to measure
some aspect of the process against a target that they define. KPIs are defined
within the context of the Business Measures Editor of Modeler and evaluated by WebSphere
Business Monitor, comparing the defined KPI targets against actual results to
determine levels of success.
Figure: WBM Business Measure Details
A KPI is associated with a specific process and is generally represented by a
numeric value, based on one or more metrics. A KPI has a target and
allowable margins (percentage of target), or lower and upper limits (absolute
values), forming a range of performance that the process should achieve. An
example of a simple KPI is the average time for response to a customer inquiry, with
a target of less than two days.
KPIs, as well as metrics and counters, can optionally generate situation events
that can cause business actions. An administrator can use the Action Manager in
WebSphere Business Monitor to specify what happens when the situation event
is received, such as an e-mail notification to the appropriate person.
Best practice: When defining KPIs, be consistent in the use of targets and
margins or limits.
Good KPIs
Every company's center of success lies in its ability to provide better products,
services, or both in the shortest time and for the minimum cost. Appropriate
business measurement makes process improvement not only possible but also
continuous. Employees tend to reduce the complexity of these activities, which
leads to decreasing costs while increasing productivity and flexibility.
Thus, it is important to use business measures effectively to drive performance
improvements. A measurement system only provides you with data. It has value
only if the data can be used to make good business decisions and to drive
improvement efforts that translate into appropriate actions and performance
plans.
The development of appropriate KPIs helps to focus on the runtime management
of the process and also guides the directions for improving (remodeling) the
processes, which is a key benefit of the Business Innovation and Optimization
lifecycle.
Best practice: The following are essential characteristics of effective KPIs:
  1. Represent the essential few: A successful set of measures contains the vital few key measures that are linked to your success. There may be hundreds, or even thousands, of measures in your organization's database, but no individual can focus on more than a few relevant measures.
  2. Combine multiple measures into several overall business measures: a number of organizations struggle with measuring performance by looking at a dozen or so measures. One way of reducing the number of measures is to assign a weight to each measure in a family of measures. You can develop an index, or an aggregate statistic, that represents performance by multiplying each measure by its assigned weight and then adding all such products to arrive at a weighted-average total.
  3. Change your strategy as situations change: Sometimes a company starts collecting data on a specific measure because of a specific problem. Once the problem has been solved or the issues that caused the problem have disappeared, collecting, analyzing, and reporting the measure may be unnecessary.
  4. Quantify how well processes achieve their goals: A business measure is defined as a quantification of how well the activities within a process or the outputs of a process achieve a specified goal. Quantification is an important part of this definition. To measure something, its attributes must be quantified. Measurement requires the act of measuring and should therefore be reliable and repeatable.
A KPI should be put into the context of what the process or organization is trying to
accomplish, which is identified by the goals and targets that have been defined.
Therefore, a good KPI should be designed to help determine whether or not a
goal or objective is being satisfied.
If you work with Modeler, you may know the ClipsAndTacks sample project, so we can take that sample scenario with its Handle Order process:
management has decided that the Handle Order process has to be updated so that it can fill orders in a
shorter amount of time. Company management wants to establish an automated
process that shortens order turnaround time, especially for trusted repeat
customers. The planned improvements include a new Web-based ordering
system.
The high-level business objectives of ClipsAndTacks are to attract more customers,
increase revenue, and reduce costs. Specifically, management wants to achieve
the following goals:
  1. Reduce the average time from when orders are received to the time they are shipped to three days. Based on this, a KPI was developed to track the average duration for processing an order, with a target of less than three days.
  2. Achieve an order approval rate of 90% or better. Based on this, a KPI was developed to track the percentage of approved orders, with a target of 90%.

Reference:
IBM Redbooks: Best Practices for Using WebSphere Business Modeler and Monitor

Tuesday, November 23, 2010

Interesting Business Analyst Interview Questions

I have collected some interesting BA job interview questions, mostly non-technical, which can occur in any IT-related job role, so read them carefully.

“What are the other companies you are interested in?”
“What do you do if another employee yells at you?”
“What was your proudest moment?”
“Why do you want to work for us?”
“Describe how you will deal with an unethical issue at work.”
“Describe a situation when you incorporated another person in making a key decision.”
“Explain your most notable achievement.”
“What do you know about this job?”
“How did you evaluate pros and cons when making a difficult decision?”
“What was the happiest time of your life?”
“Describe a time when you received negative feedback.”
“Explain how you don't like to fail, give me an example where you came near, but bounced back.”
“Describe a situation in which you took a risk, did it pay off, and would you do it differently next time.”
“How do other people view you?”
“Why would you want to work for a company after running your own company for several years?”
“Describe a time when you had disagreements with people.”
“Describe a situation where you had to overcome difficulties with a coworker.”
“How would you start if I was to ask you to design a TV?”
“Tell me about yourself.”
“What is the best example of a process you have made more efficient in your life? How did you do it?”
“Describe how you usually communicate with others.”
“Describe a work-related problem you had to face recently. What did you do to deal with it?”
“If you had to describe a professional short-coming, what would it be?”
“What is your weakness?”
“Have you had any negative interactions with a co-worker in the past and how did you handle it?”
“Tell me how your past work experience relates to your current job/or for this position?”
“What do you know about Us?”
“What was your least favorite class?”
“Name a situation in which you worked with a group.”
“What are your strengths? Weaknesses?”
“What salary are you seeking?”
“Describe a time you needed to make a quick decision.”
“If I spoke with some of your previous employees, how would they describe you?”
“Describe your biggest challenge in your work thus far.”
“Leadership skill, teamwork skills”
“Out of the many standards and certifications existing in this specific field, which one do you believe is the more appropriate and one you follow?”
“Name a time that you used logic to solve a problem.”
“The hardest project you undertook.”
“Tell us about a time when you had a conflict with your boss. How did you resolve that?”
“What was the hardest challenge you've had over your school and work life?”
“Where do you see yourself 5 years from now?”
“Who are the stakeholders? Can you think of any more? Is that all?”
“What interests you about this role?”
“Tell me about yourself.”
“What are your development areas, both professionally and personally as relating to work?”
“What special attributes or skills make you more qualified for this position than another applicant?”
“What did you do when, after completing a significant amount of work, you found out things had changed and you had to completely re-do your work?”
“What makes you look for another job?”
“How do you handle an unreasonable or extremely unhappy person?”
“What would you say your strengths are?”
“Of your projects, which one do you think can be of benefit to our company, and how?”