
Access management
Implementing an effective role management strategy ensures that user access is controlled and managed in the context of job functions (e.g. Branch Manager) or specific access to a service (e.g. One.CBA Editor). Where roles provide privileged access (e.g. Administrator access to a database) or pose a higher risk, additional controls must be applied.
The Sage case study really challenges Doug’s thinking. He asks Jamie about his specific responsibilities when it comes to roles management. She describes the key aspects of:

Role profile
The data that provides context or additional information about the role (e.g. role name, role description, role ownership, role risk rating).
Role construct
The core substance of the role (e.g. role type, role classification, role composition, assignment rules, constraints, Segregation of Duties functions, approval workflow, identity lifecycle events, role utilisation).