• Current

    • EDMA BI User Access Management SOP

    Owned by
    Phuong Nguyen (Unlicensed)
    Last updated: 19, Feb 2023
    2 min read

    Document Owner

    Purpose

    This document is to follow the SiteMinder Identity and Access Management Standard Policy to ensure authorized user access and to prevent unauthorized access to system and services.

    Scope

    This process applies to all SiteMinder employees who request to Business Insights platform (Tableau) owned by EDMA.

    Roles and Responsibilities

    Roles

    Responsibilities

    Roles

    Responsibilities

    Business Insights Platform Owner

    The person who is responsible for managing the team that creates, publishes, and maintains Business Insights on the corporate data visualisation platform.

    • Access compliance - Ensure that Business Insights are secured in accordance with corporate policies and guidelines.

    • Access control - Ensure that proper access controls are implemented and monitored.

    • Access Review - Review and approve the requests to access Business Insights.

    Business Insights Stakeholder

    The person who is ultimately responsible for how insights, from his or her management domain, inform the business.

    • Access Review - Review and approve the requests to access Business Insights from his or her management domain.

    Business Insights Reader

    The person who accesses and uses Business Insights for the purpose of performing a task authorized by the Business Insights Stakeholder

    • Data users must use data in a manner consistent with the purpose intended, and comply with the corporate policies applicable to data use.

    Process

    New User

    A new user is a person (employee) who has not been granted access to Business Insights before.

    Notes

    Due to limited licenses and to ensure that these are used effectively, new users from the following teams, need additional approval from a manager:

    • Engineering (Approval from the manager is required)

    • Marketing (Approval from the manager is required)

    • Sales, if it's not a Regional Sales Manager and above (Approval from the manager is required)

    Business Forecasts, Financial and Employee related insights are deemed sensitive corporate information. Therefore, access to these or sources that allow for such insights to be derived is restricted to a limited group of users and requires the approval of the ELT.

    Provision

    • Viewer license is assigned by default unless specified otherwise upon request and approval.

    • Tableau access is granted at a folder level, which means that users get access to dashboards included in the specific folders.

    Reinstated User

    A reinstated user is a person (Business Insights Reader) who has been granted access to Business Insights before, however had his or her user profile deactivated due to no access activity for 2 months. User profiles with no access activity are deactivated due to limited licenses and to ensure that these are used effectively.

    A request is submitted to SM-Assist with the relevant details

    • Details of the person (SM-Assist user id) who requires to have access to

    • User’s role

    • Reason for the request

    Reinstated users from the following teams need additional approval from a manager:

    • Sales, if it is not a Regional Sales Manager and above (Approval from the manager is required)

    • Customer Ops (Approval from the manager is required)

    When an employee leaves the company, the ICT team deletes/deactivates the Google account, which in turn automatically revokes access to Tableau through Okta.