Rolebasing revealed: The Unified Model of Rolebasing
Measuring rolebasing progress
Two challenges in rolebasing large populations are:
​
-
Condensing millions of data elements into meaningful and simple metrics
-
Combining rolebasing & access management (provisioning focused) objectives
​
For example, the question below is seemingly straightforward.
​
Q: What is the state of rolebasing efforts?
​
Answering this question requires a clear assessment of the less-commonly-held provisions to determine if each attribute population should have an application. Interviewing thousands of managers is an unsustainable model, especially so given that more applications are enabled weekly.
​
Fortunately, interviews are unnecessary. A manager that has requested (or approved, depending on the provisioning model) a provision, has already indicated the provision should be held. Effectively, analysis of currently held provisions is a manager survey that requires no additional time-investment on the part of the manager.
The numbers indicate positions with manually requested provisions, meaning they were not rolebased, and the manager requested them in the IGA.
​
-
Large numbers indicate rolebasing gaps. 565 positions in Division H hold manually requested EHR Template 4 provisions, indicating rolebasing gaps for these positions. Closing these gaps eliminates the need for manual requests for new hires.
-
Small numbers indicate outliers. Divisions A-F have small numbers of manually requested EHR Template 4 provisions. This template is designed for Divisions G and H and should not be held by other Divisions.
Outliers occur when provisions from a prior role were held past the transition date (often requested by managers) or when managers approved access to provisions that are not appropriate for the subordinate's job duties (exceptions).
The report is a powerfully simple baseline for measurement of progress and may be run at regular intervals to detect and eliminate gaps due to intake of new positions or provisions.
Tom Deaderick