IdentityPROCESS+
IdentityPROCESS+ describes the standard Omada Identity and Omada Identity Cloud solution offering. In this context, standard refers to functionality that is available out of the box (OOTB), provided that Omada Identity is configured correctly.
This document assumes that the reader has completed basic Omada Identity training and is familiar with identity governance and administration (IGA) concepts, terminology, and processes.
Assumptions
The master data required to run Omada Identity is available via standard collectors.
This document does not include detailed descriptions of the following:
- Default functionality available in Omada Identity, for example, adding an email notification in an IGA process.
- Functionality implemented through custom code in Omada Identity.
The mechanism for adding and managing custom code is standardized. - Functions or concepts described in other documents, such as Surveys.
- Usage of the built-in Software Development Kit (Connectivity SDK Guide).
Prerequisites
This section provides a brief overview of the most important prerequisites required to run standard Omada Identity processes.
For a more detailed description of these prerequisites, refer to the installation guide for your version, for example:
Master data
The most important master data required to run IGA processes includes:
- Identity data
- Organizational data
- Applications and systems
- Resources to request
It is assumed that all master data is available in the correct format and is provided to Omada Identity by external systems. The associated governance is not covered in detail.
Although master data can be created directly in Omada Identity, this scenario is outside the scope of this document. External contractors are considered an exception.
Omada Identity provides standard processes to create master data without relying on imports from external systems.
Governance and compliance
Omada Identity includes various requirements related to governance and compliance.
Governance
Governance defines how requirements are implemented and managed in Omada Identity. Two types of governance are distinguished:
-
Type 1: Required to operate Omada Identity.
This includes, for example, defining resource owners or establishing escalation hierarchies. As governance definition is not the primary focus of this document, required governance elements are specified in later sections. -
Type 2: Covers IGA rules and specifications implemented in Omada Identity to address governance challenges and organizational or regulatory requirements.
These are commonly found in regulated industries such as finance and pharmaceuticals and include requirements for:- IGA processes
- Segregation of Duties (SoD) and other compliance rules
- Reporting to demonstrate compliance
Compliance
Compliance consists of functional requirements that require dedicated governance for implementation and validation. It typically includes both enforcement and reporting to demonstrate that an organization meets regulatory and internal requirements.
Omada Identity provides built-in audit reporting capabilities and is designed to support compliance requirements based on:
- Regulations from financial authorities
- Regulations from pharmaceutical authorities
- Directives such as the European Union’s GDPR (EU GDPR)
- IT standards such as those defined by the National Institute of Standards and Technology (NIST)
- Standards such as ISO 2700x when adopted by an organization or required by partners or customers
In addition to printable compliance reports, Omada Identity includes:
- Manager-focused identity lists with drill-down capabilities
- Dashboards for aggregated insights
- Surveys to reconcile Omada Identity data with external information
- Dedicated user accounts for auditing purposes
Additionally, Omada Identity provides tools for accessing all data stored in its SQL databases.