For example, in the traditional Service Catalogue, you would create 3 separate requests, ‘Request CRM Access’, ‘Update CRM Access’ and ‘Remove CRM Access’ for the CRM application. These are separate requests with different forms, workflows and processes and therefore there are three different requests for Administrators to create, update and manage. Once access is granted, the ITSM request is complete, if the user wishes to update the access they must start a new ‘Update CRM Access’ request. There is a record of the request in ITSM, but no record of the requestor’s current access within the CRM Application.
In Activate, you would create a single Service called ‘CRM Access’ with the following information:
- The Data required for access within the service (for example, 'Access Role' like 'Sales Access Level')
- A standard process for granting, updating and removing the service from a user.
- For example, add/remove the user from Azure or AD groups is a standard process and does not require development
- Custom connectors can be used to manage access in LOB applications in remote systems
- Manual fulfilment of the add/update/remove requests via the Service Desk or Business Queue
The processes for requesting, updating and removing the Service for a user are all standard and do not require separate development. Once access is granted, the user (as well as managers and Service Desk agents etc) can see the CRM Access Service in Activate with the associated access the user was granted. The end user can then browse their Services and the 'CRM Access' service can be updated or removed as required with all the current information intact.
Services can also automatically be removed when a user leaves the organisation.