Skip to content

Note: This column is part of a semi-regular feature “PMO Corner,” which highlights current events in UIT's Project Management Office.

PMO Corner: IAM user access reviews are production-ready

Department of Pathology added to pilot; target implementation to be determined

UIT's Identity & Access Management (IAM) team in the Information Security Office (ISO) has combined feedback from the Department of Pathology with data already collected from UIT, ITS and Campus HR managers selected to test a new user access review process in a SailPoint training environment. The system and supporting materials are production-ready, with an official rollout date to be determined, according to Chief Information Security Officer Randy Arvay, who presented a program update on October 23 to the University's Architecture and New Technology Committee (ANTC).

Ultimately, all managers at the University of Utah will be required to review their employees' elevated access to high-risk applications. Currently, the identified high-risk applications are Cactus, EPIC, Lawson, and PeopleSoft (Campus Solutions – HE, Human Resources – HR, and Financials – FS). This list is expected to grow as applications are added.

Once introduced, user access reviews will occur every four months. The process is required in order to comply with Policy 4-004, Rule 4-004D, and closes the loop on Human Resources scenarios such as an employee leaving the U yet retaining administrative access to University applications, or employees reporting to inactive or multiple managers.


Did you know?

The UIT PMO is staffed with project managers who have the necessary skills and understand the processes of both IT and business. This provides the PMO the ability to manage projects undertaken by both the IT organization and campus organizations. For more information, please visit our website.

Share this article:

 

Node 4

Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.

Subscribe

Categories

Featured Posts

Last Updated: 6/8/23