Start Mind Mapping Now!
- Professional Mind Mapping
- Best MS Office Integration
- Build-in Gantt chart & Timeline
- Templates & Tutorials
CEAMS - Mind Map

CEAMS Collective mind map.
- CEAMS
- Screens
- Role Owner
- Manage Roles
- View Role
- View all attributes
- View Access
- Add/ Remove Access
- View User Membership
- Add/ Remove Membership
- View/ Manage role owners
- Create Role
- Highlight what the role owner is responsible for in the role
- Delete Role
- Warning and verification notice
- Users removed from role
- Approve role requests (for his/her roles)
- Federal/ First Approver
- View Identities I manage
- All Non-PII User Attributes
- Federal Approver Edits
- First Approver
- Update Contract Number/ Admin code
- User Details
- Same as what user can change themselves
- Activate Account
- Reset to default
- Grant First Extension
- Admin Hold (for extended leave)
- Expected Return date must be provided
- View Contract Attributes
- Update contract POC (only COR of contract)
- Approvals
- Certifications
- Role Requests
- Delete User Request
- End User Use Cases
- AM
- Request Roles
- Search for available roles
- Select and Request one or more roles
- View Existing Roles
- Add/ Remove Roles
- Button for submit
- Button to cancel
- View Roles
- existing roles
- button to remove role
- Button to View role details
- pending roles
- Button to discontinue role
- Submit additional justification
- Button Redirect to Request roles page
- Create a role
- Fed and CMS Employees Only
- IDM
- Manage profile
- Out of Office
- View/ modify Identity
- View Identity Metadata
- Link to Change Password or security questions
- CM
- Manage Passwords
- Manage Security Questions
- Manage MFA
- Gov
- View end user history for self (30 Days)
- Resources
- Information Page (old EUA Info)
- CAA Listing
- EUA Documents and links
- Role and Application Listing
- Group Owner
- View existing access
- Generate Reports
- Manage Group
- CAA
- Certifications
- First
- Second*
- Escalate Requests*
- Submit connect/ disconnect Request
- Create Account (detailees and CMS employees)
- Manage Users
- Profile Changes
- All a user can do
- UPN Changes (Internal Only)*
- Admin Code Changes (internal only)*
- Legal Name* (Through EFI to EUA)
- Carrier numbers*
- Plan numbers*
- Password
- Enable/ Disable*
- Reset to Default
- Submit Delete User Request for approval*
- Activate Identity
- View
- User Attributes
- Submitted Tasks for all users in Org* (audits)*
- Contract Attributes (internal Only)
- Company Attributes (internal only)*
- Admin Code Attributes (internal only)*
- Site Table Lookup
- Role Attributes
- Generate Reports
- OPI CAA's
- Limited Scope to Company
- Limited scope to OPI Jobcodes
- OnePI Helpdesk
- OWNERS
- FISMA (Bus Owner)/ ISSO (Feed from CFACTS)
- Application/ Owners CMS/ Federal Employees Only (defined by FISMA/ISSO)
- Groups (entitlements) Created by any CMS/Fed/ Leidos (approved by Application owner)
- Role Owners (Any CMS Employees/ Federal)
- Access
- 3 Role Owners Min
- Designee
- Service Desk
- ESD Screen
- User search
- Basic Profile
- Role View
- Endpoint/Accounts (groups too)
- User Activity
- Extend Identity
- Reset PWD to Default
- Enable/Disable Accounts
- Site Table (if needed)
- For archived/deleted users
- Role Management Framework
- Enterprise Role
- Role Attributes
- Role Name
- Display Name
- Technical Description
- Business Description
- Owner
- Attestation Period
- Organization
- CMS
- Contract
- Company
- Grant
- Federal Agency
- State Agency
- Company (HPMS)
- Access
- Application
- FISMA System
- FISMA Acronym
- FISMA Name
- FISMA Owner (Business Owner)
- ISSO
- Application Name
- Application Owner
- *Environment
- Application URL
- Group
- Group Name
- Attestation Period (Audit Review)
- Minimum Level of Assurance
- App Maintainer (Optional)
- PWD Policy
- Description
- GO Designee (Maintains) (Optional)
- BO (Maintains and Approves Access)
- End Point
- Use Cases
- UC-Create Role
- Core Attributes
- Role Name
- Description
- Technical Description
- Access
- Search for existing Groups based on the application
- Requests for access should be approved by Group owner
- Access Owner gets notified of attempted access
- Role Owners
- Role creator must have three owners
- Role requester is owner by default
- Role Owner Designee (optional)
- Contractor Organization
- Search for and select org.
- Notification
- Message to role owners
- Message to designees
- Conflicting Roles
- UC - Create Application
- Select FISMA System
- Gets FISMA Owner, ISSO, FISMA Name
- Must exist in CFACTS
- Can only be created by FISMA Owner or ISSO
- Application Details
- Application Owner
- May be different that the FISMA Owner/ISSO
- Application Name
- Application Environment(s)
- Application URL(s)
- UC - Self-Service Role Request
- User should be able to search for roles available to request
- Role Name
- Application
- Contract/Company/Org
- Description
- Keywords
- Should show users existing access
- Preventative measures should be in place to prevent users from requesting conflicting roles/entitlements
- Recommended roles bases on org/company/contract and commonly requested
- Should show sufficient details in role search
- Business Description
- Role Owner
- Role Owner Phone
- Role Owner Email
- Role Name
- Password Policy
- Justification
- Justification requirements should be included in role detailed description
- Separate justification for each role
- Temporary assignment
- Access is removed after specified period of time without approval
- UC Log In Page
- User ID and Password Authentications
- PIV Authentication
- User Terms and Conditions consent
- Pop Up click okay
- Display Terms and Conditions
- Pop up
- Forgot password
- Link to User Registration
- EFI
- Require MFA for Privileged Users
- Explore other MFA options outside of PIV
- Forgot user name
- Unlock account*
- Answer security questions
- Detailed message explaining lock/disabled (Pop up)
- Explain who to contact or what to do
- Use PIV to authenticate
- Log in status' generic
- Require PIV for PIVed users
- Exceptions
- Long Term
- Requires Approval
- 30, 60, or 90 days
- Short Term
- 24 hours
- IT Service desk Contact Info
- Link to CMS Connect (VPN)
- NonCAMS Contract add
- Self Help Knowledge articles
- Link to FAQs
- Link to SNow (API)
- Create a ticket
- Landing Page
- Who user is
- Last log in
- Can be a pop up
- Failed attempts since last log in
- Can be a pop up
- Link to Managing my profile
- Link to Manage my access
- Link to Pending Approvals
- Resources
- CAA Listing
- Job role Listing
- Guides
- Company listing* CMS
- Admin Code Listing (employees only)
- Notifications and Announcements (need HCD Input)
- Pop Up
- Banner
- On Screen
- Submitted tasks
- Log Out
- Customize Dashboard?
- Home button
- Back to top button
- Menu
- Manage my ...
- Tiles based on user type or access
- User Registration
- Inputs
- EFI
- Outputs
- Node API
- OKTA
- Saviynt
- Badging Office
- From EFI
- PIV Package Review
- Shell Account
- Check ID
- Check email address
- Assign UPN
- Activation
- Change Password
- Assign all birthright default accesses granted
- Processes
- Assign ID
- site table
- active users
- RACF Data
- Assign CMS email address (when applicable)
- Assign UPN
- PIV Registration
- Create Password
- ADS container/ home drive
- Determine birthright access
- EFI
- Update
- PIV Renewal
- New User Registration
- Environments
- Dev / Val / Prod
- IDIQ Sync
- Nightly sync (today)
- Explore real time sync
- Expose EFI API to push contract changes
- info
- User information
- PIV Status
- Idea
- Organization info
- Company
- Contracts
- CMS Org
- Idea
- Eliminate need to manage IDIQ DB (Reference DB)
- Improvements
- Provide data back to EFI upon completion of registration
- EUA ID, UPN, ETC
- Unrevoke Real Time
- Contract number
- updates available real time
- ELDAP real time Job code consumption
- Security Manager
- Feed to EFI to provide dates and status
More Maps by This User