Governance is the set of practices and systems that guides ICAM functions, activities, and outcomes.
To perform effective governance, agencies must collect data about ICAM functions from many sources, such as policies and entitlements stores, and analyze this data. Proper data analytics help agencies monitor compliance with established information security policies.
If your agency identifies problems during data collection and analysis, you should remediate these issues as quickly as possible. Real-time monitoring and risk mitigation is crucial to ensure employees and contractors have only the appropriate access, following the principle of least privilege.
The Governance services in the FICAM architecture include Identity Governance, Analytics, and Mitigation.
The systems, solutions, and rules that link enterprise personnel, applications, and data to help agencies manage access and risk.
Keywords: Management Framework, Rules and Procedures, Access Reviews and Recertifications
Leverage continuous analytics data to identify if someone has entitlements that conflict with access requirements.
Keywords: Data collection, Monitoring, Review, Data Certification, Auditing and Reporting
Correct the problems and address risks, discovered by analysis, that may occur during standard operations.
Keywords: Redress, Remediation