BG

Hi

We are building an enterprise identity and access management. For that purpose I I want to build an overall organisational chart that contains all the roles. These roles are organised in groups, so I want to put the groups in the org chart. I have been told not to put the groups as roles, but as groups. But how can I add the groups to the org chart?

Also it seems not usual to put roles into org charts. So what would then be the place to design a role model?

Thanks and regards

Bertin

by M. Zschuckelt
Posted on Fri, 06/10/2016 - 17:04

Hello Bertin,

indeed, don't do that. Your org-chart has got little to do with the role model. Consider, that the link between the leaves of the organizational chart (positions, held by real people) and the things these people are supposed to do is an individual management decision: Mr. Doe, please take care of the service desk as from today.

I'm exaggerating a bit, but such decisions occur daily in larger organizations. And this decision is independent of other decisions about what else Mr. Doe should do for the organization. So Mr. Doe will take on multiple roles. And probably he also gets a different set of roles compared to other people in his organizational unit. Maybe even people from different organizational units occasionally play the same role. So where do you want to manage sets of roles in your organizational chart? It doesn't work.

Yes, you need someone responsible for describing a role! Find him in your org-chart. Think of a role as the smallest unit of responsibility the management ever wants to delegate. Then you manage a matrix of people at the nodes (management) and leaves (non-management) of your org. chart against roles on the other axis. Model the roles in your processes as the subjects acting in the process and you can delegate the roles to whoever management sees fit to perform that role. If software is sensitive to roles, a directory service like your identity and access management will manage that matrix of who currently can act in a certain role and hence the software will allow access to everything specific to that role.

Regards, M. Zschuckelt

0
by Bertin Günzburger Author
Posted on Fri, 06/10/2016 - 18:49

Hello M.



Thanks for your comment. Doing a IAM project we are focusing on the roles. We have led about 200 interviews to understand what are the activities that belong to the roles. Now we want to put the roles into a structure, where the roles are the leaves (as you have pointed out). Up to now I thought this structure had in an organisational chart. Is there an alternative in Aris? And what type of object are the nodes that connect the leaves? Are these groups?

The actual organisation is not so relevant, or not part of this project, because it is constantly changing. So what is then the best way to go forward?

Regards, Bertin

0
by M. Zschuckelt
Posted on Mon, 06/13/2016 - 13:49

Hello Bertin,

what is your exact purpose of organizing the roles in groups or a tree hierarchy? Is it common ownership of the roles? Or are they "packages" of roles that will be assigned to some user all at once?

Are the activities you gathered in your interviews steps in documented processes, such as EPC or BPMN? Or are they merely IT functions you want to authorize? Most of the time roles are defined by the process context in which they participate in activities. A sensible grouping for roles could hence be their common process context, where they perform activities.

Regards, M. Zschuckelt

 

0

Featured achievement

Rookie
Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks

Leaderboard

|
icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock