About Responsible Parties
EmpowerID provides a mechanism for assigning and tracking responsible parties for key IT objects, such as accounts, groups, computers, management roles, locations, and shared credentials. The concept of a responsible party is distinct from ownership; while an account owned by a person represents that individual and serves as their personal account, responsible parties are designated to indicate who is accountable for an IT object from a security and audit perspective.
Assigning Responsible Parties
In EmpowerID, any RBAC Actor Type can be assigned as the responsible party for an object. However, most organizations configure EmpowerID to allow only Persons to be assigned as responsible parties. The assignment is stored in a specific field called OwnerAssigneeID, which is available in each supported object's table.
You can assign responsibility for individual EmpowerID objects using the Responsible Party property available on the Details page of the object. For bulk assignments, EmpowerID also allows you to assign responsibility for multiple objects of the same type using an action provided on the object type's ViewMany page. This flexibility makes it easier to manage responsibility across many IT objects efficiently.
Transferring Responsibilities
When a person leaves the organization or changes positions, it is important to transfer their responsibilities to maintain clear accountability. EmpowerID offers several options for this:
- Manual Transfer: You can manually transfer responsibilities from one individual to another using the Transfer Responsibilities workflow.
- Automated Transfer: For planned changes, such as a known departure, you can automate the transfer of responsibilities using a Planned Leaver Event.
These features ensure that changes in personnel do not result in gaps in responsibility for important IT objects.
Reporting on Responsibility Assignments
To help maintain clear accountability, EmpowerID includes reporting tools that can identify IT objects that do not have an assigned responsible party. Running these reports helps avoid situations where critical IT assets are left without oversight, which is important for both security and audit purposes.
Summary
Responsible parties in EmpowerID are used to designate accountability for IT objects from a security and audit perspective. EmpowerID provides flexible mechanisms for assigning, transferring, and reporting on responsibilities to ensure that each object has a designated party responsible for it.