M3 Playbook > Phase 4: Migration > 4.7 Define Roles and User Access
4.6 Conduct Security and Privacy Reviews
4.8 Configure Systems
4.7 Define Roles and User Access
Technology
Objective
Define roles and user access according to user requirements.
View Best PracticesTask Activities
-
Shared
Document roles and access rights, segregation of duties, identification (ID) request and ID management processes based on Identity, Credentials, and Access Management Framework (ICAM)
-
Shared
Finalize roles and responsibilities for granting user access in Operations and Maintenance (O&M)
-
Provider
Implement Security Configuration for user roles and user access as documented in ICAM
-
Shared
Assign user access rights to employees
-
Provider
Load production user accounts
-
Provider
Test production user accounts
-
Shared
Provide credentials to end users for testing, training, and production
4.7 Best Practices
- Have an ID management tool, ID request process, and contact center procedures to resolve access related issues in place before cutover
- Provide sufficient security access to the deployment team to perform their tasks effectively in advance of deployment
- Establish security roles and responsibilities well in advance of deployment to resolve issues while time allows
Stakeholders
Customer
- Program Manager
- Functional Lead
- Technical Lead/Solution Architect
- Security Lead
- Training Lead
- Information Systems Security Officer (ISSO)
- Network SME
- PMO Lead
- Change Management Lead
Provider
- Program Manager
- Functional Lead
- Technical Lead/Solution Architect
- Security Lead
- Training Lead
- Information Systems Security Officer (ISSO)
- Network SME
- PMO Lead
- Change Management Lead
Inputs
- Requirements Traceability Matrix (RTM)
- Requirements Fit-Gap Analysis
- Target State Organization Design
- Technical Strategy
Outputs
- Baselined List of ID Credentials