How Roles are Created

IdentityIQ provides a comprehensive set of role engineering tools in the Role Management UI, to help your organization rapidly build and deploy an enterprise role model. These tools include an interactive role modeling interface as well as business and IT role mining capabilities.

Business roles and IT roles can be manually created through the Role Management user interface.

You can also use the role mining feature to generate business and IT roles; role mining can often do the task more efficiently than a manual process. Roles created through role mining can then be manually modified.

In business role mining, roles are identified based on one or more identity attributes in IdentityIQ. For example, if Job Title is one of the identity attributes, a business role can be created based on each unique Job Title.

In IT role mining, IT roles are generated based on system access current employees already have.

Both the Role Management UI and the Role Mining feature are discussed in detail later in this section.