University of Illinois System
Skip Sidebar Navigation
Last item for navigation

Building the Access Rights Management (ARM) application

Project Executive Summary   

This project’s purpose is to build, integrate, and deploy an AITS Security Application to replace the existing, homegrown products that have reached limits of effectiveness and adoption at the University. The AITS ITPC-0584 Security Application Analysis project team completed a full examination of the current process and wrote user stories with requirements that aided in evaluation of a build or buy (vended) solution recommendation.  

The final recommendation to the University of Illinois AITS Leadership was to utilize the existing midPoint application architecture (where appropriate) as a backend to meet the existing business needs and allow for additional functionality and future growth. Additionally, the recommendation included creating a governance structure and establishing standard processes for integration and adoption post-implementation as well as develop a training plan to assist in adoption of the new product.

There are a number of existing security access request and fulfillment processes that are not being tracked through the existing tools, meaning these outlier requests are not currently being stored in any electronic database other than e-mail. These processes are not easily audited nor are the requests visible via any current software tool. Therefore, one of the benefits in replacing the current Security Applications is the elimination of any such outlier access requests providing USC’s one place to request all access provisioned or facilitated by AITS.

Vision Statement

Create an easy to use, access management system that efficiently facilitates requests, approvals, provisioning, certifications, and governance related to University of Illinois enterprise systems.

Why are we doing this?

  • Current Unit Security Contacts (USC's) have raised concerns regarding the difficulty in identifying and ensuring the appropriate level of security was obtained for their employee.  
  • Considerable time is spent attempting to reconcile requests for access and/or current access listings for an individual with a similar role with available options within the applications, often resulting in frustration from all parties involved (i.e., hiring manager, USC, and security personnel).  
  • There are currently multiple security access request tools that USCs utilize to request access to various tools, profiles, and data. These tools are very cumbersome and difficult to navigate.
  • The current Annual Access Review is a manual process and very time consuming for USC’s and administrators.  

History

  • Two previous projects fed into the proposal of the implementation of a new security application.  
  • In project PPMO-0040 Unit Security Contact Process Improvement, USCs were consulted to pinpoint issues and determine the needs for improvement on the current USC process and applications. These consultations were utilized to create USC user stories and requirements.  
  • ITPC 0584 Security Application Analysis project explored several options for buying a vended security application as well as building a security application in house. In the end, the team proposed building a new application in house.