Abstract
The IAM Program Outline has been created as a roadmap for institutions to use in developing an IAM program (or to address gaps in their current offerings) including:
- Providing a structure or guidance for those starting IAM
- Identifying a policy framework that institutions may need to consider
- Developing a policy template (or set of policy templates) that other campuses can use
- Providing guidance or awareness about IAM governance
- Identifying existing IAM policies or programs and providing use cases
- Otherwise strengthening the business side of the IAM program
Target Audience:
- Those responsible for IAM policy development.
- Those who have IAM policies in place that need to be updated.
- People or functions impacted by regulatory requirements regarding access control (e.g., GLBA, HIPAA).
- Institutions developing an IAM program or set of policies for the first time.
The Columbia University IAM Use Case, provided as a companion piece to the IAM Program Outline, was develeoped and written by Erik Decker (Assistant Director of Information Security, Columbia University).