Workflow Mapping Example
Example: New Employee Credential Request & Access Request
Trigger: A new employee’s manager raises a request.
Steps:
Manager logs into the PIAM system and initiates a “New Employee Credential & Access”.
Manager enters basic employee details (e.g., name, employee ID) and selects desired access and schedule.
System notifies the employee to provide additional details.
Employee submits personal details and a photo.
Relevant area approvers are notified of access requests.
Area approvers have to reveiw the request and grant or dent access to areas theor responsible for.
If access to an area is granted, relevant access group is automatically provisioned in Command Centre to the new employee. Otherwise the access is not granted.
Security team reviews the request for credential. If the credential request is approved they print and encode the card with employee details.
Employee is notified that the credential is ready for pick up.
Employee picks up the credential in person, with identity verification.
Security staff activates the credential.
Considerations:
Can employees self-initiate requests, or is it manager-only?
Consider if the employee record is already available in Command Centre prior to making the request? It's recommended that the cardholder already exists in Command Centre for security reasons.
Define required fields the manager and employee respectively have to enter:
Manager: employee name and ID, access options, schedule (e.g., days/times);
Employee: photo (size/format), pick up locations if available, identification ID type or number, etc.
Specify how who are the area owners (approvers) for each access group that can be provisioned via this request.
List all available credential pick up options if they apply.
Detail identity verification at pickup (e.g., ID check).
Consider what happens if credential or access requests are declined. Is a reason for the rejection required? Who has to be notified?
Last updated