Business Requirement/Justification:
- For a Financial Organization, Security and Governance is a critical component in any solution that deals with its Customer data.
- To comply with internal Governance policies, we have different teams managing “User Access” and “Any Product Configuration and usage” activities.
- The Governance team which manages “User Access” do not have the technical knowledge on AEP or CJA to carry out activities like “Creating Connections” and “Data Views”.
- The team who has the knowledge of AEP and CJA are not authorized to deal with “User Access Management” activities as it is against our Governance policy. But for CJA, these two activities are coupled together and Only Product Admin has the ability to “Creating Connections” and “Data Views” along with an ability to “Grant New User Access or Remove Exiting” and “Create Product Profiles”.
- Hence, we want to decouple these 2 broad activities and let regular Product Users have the ability to “Create Connections and Data Views” (and manage the access within the Product Profiles) and limit any “User Management” privileges.
Impact:
- If core AEP/CJA team is given access to Product Admin access. We run the risk of not being compliant with our Governance Policies and Process.
- If not, We will continue to have delays and ongoing challenges to get any Connections and Data Views configured. (THIS IS CURRENTLYT ONE OF THE LIMITING FACTOR TO IMPROVE ADOPTION OF THE SOLUTION.)
- Currently, this is done in working sessions/meetings were the CJA user guides Governance team member to carry out certain activities.
- This is not scalable and not efficient approach, as it is difficult to have required team’s availability and requires multiple people to do the same job.
