diff --git a/_playbooks/playbook-ilm.md b/_playbooks/playbook-ilm.md index d1f310aff..736731e9c 100644 --- a/_playbooks/playbook-ilm.md +++ b/_playbooks/playbook-ilm.md @@ -30,8 +30,8 @@ subnav: href: '#appendix-a-policies-standards-and-guidance' --- -Version 1.1 -October 11, 2022 +Version 1.2 +November 30, 2022 The Identity Lifecycle Management Working Group of the Federal Chief Information Security Officer Council ICAM Subcommittee developed this playbook to help federal agencies understand and plan identity lifecycle management initiatives. @@ -41,6 +41,7 @@ The Identity Lifecycle Management Working Group of the Federal Chief Information | Version Number | Date | Change Description | | :----------: | :-------: | -------- | +| 1.2 | 11/30/22 | Added Detailee Use Case under Step 4 Integrate. | | 1.1 | 10/11/22 | Move 3rd party federation content to Cloud Identity Playbook federation section. | | 1.0 | 06/30/22 | Initial Draft. | 
@@ -285,6 +286,8 @@ Make attributes available for authorization decisions. Federation is not only ac See the [Cloud Identity Playbook Federation section]({{site.baseurl}}/playbooks/cloud/#federation) for more information on federation and using trust frameworks for government, mission partner, or public identity federation. +**Detailee Use Case** - An Agency A employee is detailed to Agency B. How can Agency B use their ILM system for this existing Agency A employee, but short-term Agency B employee. Can Agency A share HR data to do birth-right provisioning in Agency B? I think the corpus of this use case is how Agency B can provision Agency A employee without issuing them an Agency A piv card and an Agency A email. + ## Summary The ILM playbook outlined an identity lifecycle process and four steps to create a master user record and lifecycle process within your agency. ILM is the evolution of an identity from creation to deactivation. There are specific steps within each lifecycle phase of the joiner-mover-leaver process. A master user record is the core of ILM and acts as an aggregation point of identity data for all agency users. A master user record integrated with access management tools provides a foundation for more mature ICAM processes.
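Review bot: In the `@@ -41,6 +41,7 @@` hunk, the new 1.2 changelog row says "Added Detailee Use Case under Step 4 Integrate", but the text this patch adds under that name is a pair of open questions with no guidance. Suggest wording the row to match what the section delivers (for example, that the use case is a placeholder for upcoming guidance), or holding the version bump until the use case has content.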
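Review bot: In the `@@ -285,6 +286,8 @@` hunk, the added Detailee Use Case paragraph reads as a working note rather than playbook guidance. It asks two questions and answers neither, the first question ends in a period instead of a question mark, and it carries a first-person aside ("I think the corpus of this use case is ..."). Suggest restating it as a scenario followed by the recommended approach, or marking it explicitly as an open item. Please also check the last sentence: Agency B is the one provisioning and the employee already belongs to Agency A, so "without issuing them an Agency A piv card and an Agency A email" looks like it should name Agency B's card and email. "corpus" is probably meant to be "crux", and "piv" should be "PIV".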