CEAMS Mind Map
 
 
 
 

CEAMS - Mind Map

40 days ago by: Dave Ziff
 
 
CEAMS Collective mind map.
  • CEAMS
    • Screens
      • Role Owner
        • Manage Roles
          • View Role
            • View all attributes
            • View Access
              • Add/ Remove Access
            • View User Membership
              • Add/ Remove Membership
            • View/ Manage role owners
          • Create Role
            • Highlight what the role owner is responsible for in the role
          • Delete Role
            • Warning and verification notice
            • Users removed from role
        • Approve role requests (for his/her roles)
      • Federal/ First Approver
        • View Identities I manage
          • All Non-PII User Attributes
          • Federal Approver Edits
            • First Approver
            • Update Contract Number/ Admin code
            • User Details
              • Same as what user can change themselves
            • Activate Account
            • Reset to default
            • Grant First Extension
            • Admin Hold (for extended leave)
              • Expected Return date must be provided
        • View Contract Attributes
          • Update contract POC (only COR of contract)
        • Approvals
          • Certifications
          • Role Requests
          • Delete User Request
      • End User Use Cases
        • AM
          • Request Roles
            • Search for available roles
              • Select and Request one or more roles
            • View Existing Roles
            • Add/ Remove Roles
              • Button for submit
              • Button to cancel
          • View Roles
            • existing roles
              • button to remove role
              • Button to View role details
            • pending roles
              • Button to discontinue role
              • Submit additional justification
            • Button Redirect to Request roles page
          • Create a role
            • Fed and CMS Employees Only
        • IDM
          • Manage profile
            • Out of Office
            • View/ modify Identity
            • View Identity Metadata
            • Link to Change Password or security questions
        • CM
          • Manage Passwords
            • Manage Security Questions
          • Manage MFA
        • Gov
          • View end user history for self (30 Days)
        • Resources
          • Information Page (old EUA Info)
          • CAA Listing
          • EUA Documents and links
          • Role and Application Listing
      • Group Owner
        • View existing access
        • Generate Reports
        • Manage Group
      • CAA
        • Certifications
          • First
          • Second*
        • Escalate Requests*
        • Submit connect/ disconnect Request
        • Create Account (detailees and CMS employees)
        • Manage Users
          • Profile Changes
            • All a user can do
            • UPN Changes (Internal Only)*
            • Admin Code Changes (internal only)*
            • Legal Name* (Through EFI to EUA)
            • Carrier numbers*
            • Plan numbers*
          • Password
            • Enable/ Disable*
            • Reset to Default
          • Submit Delete User Request for approval*
          • Activate Identity
          • View
            • User Attributes
            • Submitted Tasks for all users in Org* (audits)*
            • Contract Attributes (internal Only)
            • Company Attributes (internal only)*
            • Admin Code Attributes (internal only)*
            • Site Table Lookup
            • Role Attributes
        • Generate Reports
        • OPI CAA's
          • Limited Scope to Company
          • Limited scope to OPI Jobcodes
          • OnePI Helpdesk
      • OWNERS
        • FISMA (Bus Owner)/ ISSO (Feed from CFACTS)
          • Application/ Owners CMS/ Federal Employees Only (defined by FISMA/ISSO)
            • Groups (entitlements) Created by any CMS/Fed/ Leidos (approved by Application owner)
        • Role Owners (Any CMS Employees/ Federal)
          • Access
          • 3 Role Owners Min
        • Designee
      • Service Desk
        • ESD Screen
          • User search
            • Basic Profile
            • Role View
            • Endpoint/Accounts (groups too)
            • User Activity
            • Extend Identity
            • Reset PWD to Default
            • Enable/Disable Accounts
        • Site Table (if needed)
          • For archived/deleted users
    • Role Management Framework
      • Enterprise Role
        • Role Attributes
          • Role Name
          • Display Name
          • Technical Description
          • Business Description
          • Owner
          • Attestation Period
          • Organization
            • CMS
            • Contract
              • Company
            • Grant
            • Federal Agency
            • State Agency
            • Company (HPMS)
        • Access
          • Application
            • FISMA System
              • FISMA Acronym
              • FISMA Name
              • FISMA Owner (Business Owner)
              • ISSO
            • Application Name
            • Application Owner
            • *Environment
              • Application URL
            • Group
              • Group Name
              • Attestation Period (Audit Review)
              • Minimum Level of Assurance
              • App Maintainer (Optional)
              • PWD Policy
              • Description
              • GO Designee (Maintains) (Optional)
              • BO (Maintains and Approves Access)
              • End Point
    • Use Cases
      • UC-Create Role
        • Core Attributes
          • Role Name
          • Description
          • Technical Description
        • Access
          • Search for existing Groups based on the application
          • Requests for access should be approved by Group owner
          • Access Owner gets notified of attempted access
        • Role Owners
          • Role creator must have three owners
          • Role requester is owner by default
          • Role Owner Designee (optional)
        • Contractor Organization
          • Search for and select org.
        • Notification
          • Message to role owners
          • Message to designees
        • Conflicting Roles
      • UC - Create Application
        • Select FISMA System
          • Gets FISMA Owner, ISSO, FISMA Name
          • Must exist in CFACTS
          • Can only be created by FISMA Owner or ISSO
        • Application Details
          • Application Owner
            • May be different that the FISMA Owner/ISSO
          • Application Name
          • Application Environment(s)
            • Application URL(s)
      • UC - Self-Service Role Request
        • User should be able to search for roles available to request
          • Role Name
          • Application
          • Contract/Company/Org
          • Description
          • Keywords
        • Should show users existing access
        • Preventative measures should be in place to prevent users from requesting conflicting roles/entitlements
        • Recommended roles bases on org/company/contract and commonly requested
        • Should show sufficient details in role search
          • Business Description
          • Role Owner
          • Role Owner Phone
          • Role Owner Email
          • Role Name
          • Password Policy
        • Justification
          • Justification requirements should be included in role detailed description
          • Separate justification for each role
        • Temporary assignment
          • Access is removed after specified period of time without approval
      • UC Log In Page
        • User ID and Password Authentications
        • PIV Authentication
        • User Terms and Conditions consent
          • Pop Up click okay
        • Display Terms and Conditions
          • Pop up
        • Forgot password
        • Link to User Registration
          • EFI
        • Require MFA for Privileged Users
          • Explore other MFA options outside of PIV
        • Forgot user name
        • Unlock account*
          • Answer security questions
            • Detailed message explaining lock/disabled (Pop up)
              • Explain who to contact or what to do
          • Use PIV to authenticate
        • Log in status' generic
        • Require PIV for PIVed users
          • Exceptions
            • Long Term
              • Requires Approval
                • 30, 60, or 90 days
            • Short Term
              • 24 hours
        • IT Service desk Contact Info
        • Link to CMS Connect (VPN)
          • NonCAMS Contract add
          • Self Help Knowledge articles
        • Link to FAQs
        • Link to SNow (API)
          • Create a ticket
      • Landing Page
        • Who user is
        • Last log in
          • Can be a pop up
        • Failed attempts since last log in
          • Can be a pop up
        • Link to Managing my profile
        • Link to Manage my access
        • Link to Pending Approvals
        • Resources
          • CAA Listing
          • Job role Listing
          • Guides
          • Company listing* CMS
          • Admin Code Listing (employees only)
        • Notifications and Announcements (need HCD Input)
          • Pop Up
          • Banner
          • On Screen
        • Submitted tasks
        • Log Out
        • Customize Dashboard?
        • Home button
          • Back to top button
        • Menu
          • Manage my ...
          • Tiles based on user type or access
    • User Registration
      • Inputs
        • EFI
      • Outputs
        • Node API
          • OKTA
          • Saviynt
        • Badging Office
          • From EFI
          • PIV Package Review
      • Shell Account
        • Check ID
        • Check email address
        • Assign UPN
      • Activation
        • Change Password
        • Assign all birthright default accesses granted
      • Processes
        • Assign ID
          • site table
          • active users
          • RACF Data
        • Assign CMS email address (when applicable)
        • Assign UPN
        • PIV Registration
        • Create Password
        • ADS container/ home drive
        • Determine birthright access
      • EFI
        • Update
          • PIV Renewal
        • New User Registration
        • Environments
          • Dev / Val / Prod
        • IDIQ Sync
          • Nightly sync (today)
          • Explore real time sync
            • Expose EFI API to push contract changes
          • info
            • User information
              • PIV Status
              • Idea
            • Organization info
              • Company
              • Contracts
              • CMS Org
              • Idea
          • Eliminate need to manage IDIQ DB (Reference DB)
        • Improvements
          • Provide data back to EFI upon completion of registration
            • EUA ID, UPN, ETC
          • Unrevoke Real Time
          • Contract number
            • updates available real time
          • ELDAP real time Job code consumption
        • Security Manager
          • Feed to EFI to provide dates and status
Report abuse
More Maps by This User