Path to Certification (PTC)


Path to Certification (PTC) administers an efficient framework to deliver recertification. PTC standardizes the processes of collecting and normalizing application entitlement data, establishes accurate and repeatable processes for recertification, as well as campaign compliance monitoring. When your organization is ready to implement an enterprise governance solution, most of the administrative work is complete. The new bridging solution significantly streamlines product implementation effort.


 

 

Identify Target Applications:  Collecting an inventory of applications that fall within the scope of a certification
campaign’s requirements is the first step in a successful certification process. This inventory will detail application
information relevant to the execution of the campaign.

 

Gather Accounts & Grants:  For each application identified, we will work with your team to determine the best
practice approach for the extraction of accounts and group/role memberships from each target. If necessary, we
will work with your team to develop a process for the normalization of this data into machine consumable output.

 

Conduct Entitlement Definition Workshops:  Using our guided workshop format, we will work with your team
of application and business process owners to define the set of entitlements within each application that will need
to be certified. At the end of these workshops, your team will be enabled to define and maintain an inventory of
items within each application that require access certification.

 

Gather Authoritative User Data:  During this step of the process, we will work with your organization to identify
the individuals that will be included in the certification process. This includes individuals whose access is being
certified, individuals approving access, as well as system owners that will be approving accounts that can not be
directly associated with a human user (orphan and service accounts).

 

Import Campaign Data:  All of the work up to this point has been to develop a repeatable set of processes that can
be used to facilitate the adoption of a robust enterprise governance product. During this step, we will import the
data gathered during previous exercises into the PMG Certification Toolkit for analysis. Once complete we can then
execute your certification campaign.

 

Execute Campaign:  Using the parameters defined during our workshop, our toolkit will output a set of
spreadsheets to be distributed to approvers and system owners within your organization. Participants will then
“Certify”, “Revoke”, or “Modify” each entitlement that requires their approval. Once an approver completes their
certification tasks, the spreadsheet is then imported back into the toolkit.

 

Measure Results:  Once all of the resulting spreadsheets have been completed and imported into the toolkit,
a report is generated with any entitlements that will need to be Revoked or Modified. This report can be used
by your organization to drive administrative activities required to remove any unnecessary entitlements from your
user population.