IAM in Service Catalog
Instructions: make a copy in "Proposals", change the title, fill in design decisions for each row in the template, and review with team members.
See also: New Reference Group Design Checklist
Identify customers and their business needs: who needs the groups, when do they need them, for how long, and for what business reasons (email, sharing, access control, etc.).
Initial customers include: (re: REQ2821622)
Jeanna Vogt, UW Facilities, would use the groups for communications to Building Coordinators (direct email to group members, or via Marketo campaign).
Communication groups reusable by UW Crisis Communication, UWPD, etc., for a variety of purposes such as annual space inventory, security, health or safety concerns, Facilities/zone-area updates, etc.
|Application Use||Identify what applications the customers need to use with the groups. Exchange-enabled and used for messaging to campus Building Contacts via Marketo.|
|Membership (Business Definition)|
Define the desired group membership(s) – who's included and who isn't – in business terms and business rules used by the customer to describe the group membership(s).
Request to make an Exchange-enabled group for each building on campus that will have 5-10 key contacts.
Identify the business process (e.g. student registration, course enrollment, employment, research administration) that masters data that matches the desired group membership(s).
User (AssetWorks AiM) data to create and maintain the list of building groups, but neither of those data sources, AiM is the primary source for building coordinators, who would be included as members for the building contact groups.
|System of Record||Identify the authoritative system of record where the institutional data is defined and mastered. SpaceWS and/or AssetWorks AiM|
Identify the business domain(s) from UW Data Map. Service and Resources data domain. https://www.washington.edu/uwit/divisions/im/dmc/roles/#SubArea6
|Subject Area||Identify the subject area(s) from UW Data Map. (Emergency Management Services, Environmental Health & Safety, Facilities, Safety & Security, Space Inventory, ?)|
|Type||Define the group type. Do the reference groups represent a simple group, a role, or a permission? Group for communication.|
|Home Group||Choose a home group that aligns with the UW Group Naming Plan and the business domain of the related institutional data. uw_affiliation_*|
Define the group IDs and subgroup IDs that customers need to identify and reference. Some business processes master data that can be used for IDs. uw_affiliation_<facnum>-coord
Define user-friendly display name values for contexts where groups are searched, listed, or selected by display name. Some business processes master data that can be used for display names.
UW Building Coordinator Contacts for <facnum/Building Name>
|Lifecycle Policy (Creation)|
Define when the groups will be created. Some reference groups are created or "pre-provisioned" automatically. Other reference groups are created only by customer request.
Source data tables (i.e., AssetWorks AiM updated, nightly sync to Groups Service, or SpaceWS daily/nightly calls to sync Groups Service facnum-coord groups).
|Lifecycle Policy (Deletion)|
Define when the groups will be deleted.
When facnum and facnum-coord data are no longer in the source (AssetWorks AiM or SpaceWS).
Define the direct memberships of the groups and subgroups.
Define how membership exceptions are managed, both additions and deletions. N/A
|Membership (Grace Period)|
Define the grace period on membership, if needed. N/A
|Membership (Opt-in)||Define the opt-in policy for the membership, if needed. N/A|
|Membership (Opt-out)||Define the opt-out policy for the membership, if needed. N/A|
Define the contact address. TBD
Define descriptions that help potential customers understand fit for purpose and use, including lifecycle policy, membership policy, data quality standards, appropriate use guidelines, access control policy, ownership, and contact information. Some business processes master data that can be used for descriptions. TBD
|More Information||Define where additional information for customers will be located.|
|Application Settings (Exchange)|
Define the status and settings for use in UW Exchange. Exchange-email enabled. Only members of the uw_facilities_* group are authorized to send email to each group.
|Application Settings (Google)|
Define the status and settings for use in UW Google Apps. Inactive.
|Data Custodian||Identify the responsible data custodian(s). UW Facilities (see https://facilities.uw.edu/bldgcoord)|
Determine the appropriate UW data classification (Public, Restricted, Confidential). Public
|Access Control Policy||Decide and document the access control policy including membership viewer control, sender control, appropriate use guidelines, terms and conditions of use, etc.|
|Membership Viewer Control||Define the membership viewer control, including exceptions to the access control policy. No Restrictions? (Or if restricted add Marketo certificates/group-id to viewer list.)|
|Sender Control||Define the sender control, including exceptions to the access control policy.|
Identify the service that will be used as the data source for provisioning. It may or may not be the same as the system of record. (similar to
Define the technical definition of the memberships in terms used by the data source and its data elements, as well as any additional filtering.
|Provisioning||Define a provisioning model for data integration and reconciliation that ensures the groups are created in accordance with their lifecycle policy and managed in accordance with their data quality standards.|
|De-Provisioning||Define a de-provisioning model that ensures the groups are deleted in accordance with their lifecycle policy.|
|Monitoring||Define a monitoring solution that helps identify incidents and problems, particularly those that impact availability and reliability.|
|Data Quality Standards|
Define data quality standards under normal operations, including data validation rules, timeliness of updates, defined error rates, integrity monitoring, and reliability. The standards will depend on the business process, system of record, data source, provisioning and de-provisioning models, monitoring, and operations.
|Internal Documentation||Define what internal documentation will be developed and where it will be maintained.|
|Customer Documentation||Define what customer documentation will be developed and where it will be maintained.|
|Communication Plan||Define the communication plan to inform audiences about the new reference groups.|
|Request Fulfillment||Define how requests will be fulfilled. For example, standard requests for information, access to memberships, membership exceptions, email settings, design changes, etc.|
|Incident Management||Define how incidents will be handled.|