|RFx ID :||19493647|
|Tender Name :||Identity & Access Management Component Suite|
|Reference # :||17-010|
|Open Date :||Wednesday, 28 February 2018 3:00 PM (Pacific/Auckland UTC+13:00)|
|Close Date :||Wednesday, 4 April 2018 4:00 PM (Pacific/Auckland UTC+12:00)|
|Tender Type :||Request for Proposals (RFP)|
|Tender Coverage :||Sole Agency [?]|
|Required Pre-qualifications :||None|
|Alternate Physical Delivery Address :|
|Alternate Physical Fax Number :|
The University of Canterbury (UC) is embarking on a large programme of work to replace its Identity and Access Management (IAM) Systems. The overall objective of the work to be undertaken is to provide the tools to enable the University to pursue new initiatives and achieve its strategic goals while reducing organisational risk and increasing efficiency within IAM.
The systems that work together to provide an overall IAM solution are reaching end of life and in most cases no further development is possible. This means that important strategic goals of the University such as providing early access to potential students in order to encourage them to enrol and providing access to external researchers to increase collaborative research are not able to be well supported. In addition, UC is looking to implement a solution that improves IAM automation based on approved business rules, along with self-service and workflow where feasible to empower service owner and users providing increased agility and granularity, while reducing overall cost of IAM.
A capability framework to understand the scope of IAM and how the capabilities overlap uses four major functional groups:
(1) Information Management – Identity Life-Cycle, Attribute Management, Data Services, Compliance;
(2) Entitlement Management – Business Analysis, Role Design, Access Control Models, Delegated Administration;
(3) Access Management – Transaction Control, Token Management, Trust Services, Versatile Authentication; and
(4) Identity Analytics – Business Intelligence, Audits, Forensic Reporting, Compliance.
Specific Technical Components include:
1. Password Management, including Self-service password changes
2. Self-Service Access requests
3. Single Sign-on – where supported by UC systems
4. Attribute based Provisioning
5. Integration with UC key Identity Sources
6. IDaaS – provisioning of new Identities for new contacts – a globally accessible service.
7. Person of Interest (POI) management – Longer term visitors (not Students or Payroll Staff) that require significant access to UC resources and for who we wish to both audit their access and retain their identities for future / repeated use.
The Business Requirements sets out our comprehensive requirements.
UC have completed an initial ROI and this has informed this RFP approach. This RFP seeks to procure a fully integrated ‘end to end’ IAMs solution from a single supplier (or consortia, with a head supplier).