Identity and Access Management Terms of Reference

Purpose:

The Identity and Access Management (IAM) Governance Committee provides the strategy guidelines, policy recommendations and execution priorities for the IAM program and on-going institutional operations of identity and access permissions and management.  Access is concerned with all types of University resources, including digital information but also including utilization of the university card and physical building access.

Objectives:

User experience

Security

Data redundancy

  1. Person-centric approach to digital identity
  2. Clear and consistent definition(s) of a person's relationship(s) with the  institution – student, staff, etc.
  3. Facilities to allow users to be responsible for as many processes as possible
  4. Simpler on-boarding and off-boarding
  5. One campus card that can be used to access University services.
  6. Consistent mechanism to access buildings based on an individual's role without a separate application process
  7. Defined and automated lifecycle management of digital identities
  8. Provision and de-provision at the highest level
  9. Extensible architecture (for future capabilities beyond this program)
  10. Privacy and security
  11. Campus card is the standard for identification of individuals associated with the University.
  12. Ability to securely manage building access centrally and with minimum effort, including the ability to rapidly remove access to specific facilities from individuals whose role at UBC is changing.
  13. No duplication of identity information
  14. Each identity data element is defined, and comes from a unique System of Record

Discussion Inputs:

  • Information security needs and access permission  requirements for the efficient operation of UBC
  • Information privacy limitations
  • Data architecture and source database designs at UBC
  • Organization of critical data elements in UBC systems
  • Requirements for and approaches to achieving efficient and secure resource access management at UBCGranting University card privileges

Discussion Outcomes:

  • Approaches to people authentication and access authorization automation at UBC
  • Specific technology components selected to achieve this automation
  • Specific, high-level process decisions that help specify the responsibilities of key university roles in the authorization and authentication processes.
  • Approvals for IAM program time lines, resource focus and priorities.

Committee Chair:

The IAM Governance Committee will be chaired jointly by the Managing Director, University Community Services and the Chief Information Officer.  The role of the Co-Chairs is to:

  • Schedule the meetings
  • Set the meeting agendas
  • Lead the meetings
  • Ensure meetings are minuted and minutes are circulated promptly
  • Ensure that agreed follow-up actions as documented in the meeting minutes are completed

 

Procedures:

  • The IAM Steering Committee meets bi-monthly
  • The agenda is prepared by the committee Co-Chairs with support from the program manager and working group chair