Considerations in Role Design

The connected world of business today requires that people perform various tasks culminating in a desired goal while having different responsibilities. The level of complexity creates problems for anyone managing access to various systems. Roles, being a collection of permissions to be assigned to users, are being used to manage the complexity.

Design of roles is fast becoming a subject of interest in both the academic and corporate world for obvious reasons. Every organization attempts to perform its own exercise, due to the fact that they all have different functional needs and structures. The attempt is made mainly as a bottom-up or top-down exercise. It must be understood that role design is not an activity; it is a process which keeps evolving. The changes can occur due to corporate restructuring or business demands.

In both cases, the roles can be structured in multi-level hierarchies to represent business and technical capabilities. These levels can depend on the complexity of the existing system and the number of functionalities that needs to be assigned; the bigger the size of the business, the greater the number of roles and levels. Read more

Developing Useful Information Security Policies

Going through the process of developing a set of policies for your workplace is a must as you reach some point of growth within your organization. Many companies operate for years without taking the time to develop a standard set of information security policies. We have started to see an uptick in the number of organizations making the move toward budgeting time for policy development, testing, and implementation as a result of the various regulatory requirements the business may be subject to. I want to take a moment of your time to cover some areas I recommend you think about as you go through the process of putting together the necessary policies for your organization. Read more