The Business Perspective on Roles Including Root Causes of Implementation Problems and Proven Ways to Overcome them

  • Marc Sel


We present a new way for addressing the business aspects of roles and provisioning. We will quickly outline what is meant by roles and provisioning. We will then discuss what is commonly understood by ‘business aspects’. Subsequently root-causes for identity management project failures are analysed. A dual track/multi-layer approach to overcome the major hurdles is then introduced, and learning from a case study is discussed.

These six ‘root causes’ are: (1) language (different stakeholders speak different languages), (2) lack of distinction between accountability and responsibility, (3) mismatch between expectations of centralised top-down control models such as COSO and today’s mainly distributed organisations, (4) technical incompatibilities of most of today’s systems, (5) SOD is inherently hard to achieve with the current technical state-of-the-art, and (6) low visibility of access control issues makes it hard to obtain adequate funding, The innovative aspects of our approach can be summed up as:
  • • three layers of activities (coordination, business and technical)

  • • adaptation of various software-based techniques from such as ‘Use Cases’ combined with distributed email campaigns to translate requirements into tangible solutions that can immediately be appreciated.

We illustrate how we addressed these six, root causes’ during a project.


Access Control Business Process Internal Control Model Adequate Funding Implementation Problem 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [NIST2001]
    ACM Transactions on Information and System Security, Vol. 4, No. 3, August 2001, pages 224–274.Google Scholar

Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden 2007

Authors and Affiliations

  • Marc Sel
    • 1
  1. 1.PricewaterhouseCoopersUSA

Personalised recommendations