IDPro® Body of Knowledge

IDPro® Body of Knowledge Volume 1

The Body of Knowledge (BoK) is a compendium of curated articles intended to form the basis of a robust learning and certification program for identity and access management practitioners. For more information on the submission and review process, please see our Submissions page.

To offer feedback on any of the articles in the Body of Knowledge, please submit your comments in our GitHub repository.

BoK Interactive Map

The BoK interactive map shows Body of Knowledge usage (downloads) by country from 2020 through Oct 2022.

The circles indicate an area where downloads have occurred.
Blue circles are a single country.
Size is scaled up by usage.
Clicking on these will show quarter-by-quarter usage.
Green and Yellow circles indicate the number of countries included.
Click or Zoom in further to see country-level detail.
Data is from our hosting platform, Janeway.

From the Editor

Editor’s Note – Heather Flanagan – Issue 10
Terminology in the IDPro Body of Knowledge – Heather Flanagan – Updated 2023-04-10

Introduction

Authentication and Authorization (v2) – Michael Epping, Mark Morowczynski – 2022-12-16
Introduction to Identity – Part 1: Admin-time – Espen Bago (Editor) and Ian Glazer – Originally published 2020-03-31; updated 2021-06-30
Introduction to Identity – Part 2: Access Management – Pamela Dingle – 2020-06-18
Words of Identity – Espen Bago – 2022-12-16

Consumer / Citizen IAM

Introduction to Privacy for Consumers (v3) – Clare Nelson – Originally published 2020-06-18; updated 2022-12-16

Workforce IAM

An Overview of the Digital Identity Lifecycle (v2) – Andrew Cameron and Olaf Grewe – Originally published 2020-10-31; updated 2022-02-28
User Provisioning in the Enterprise – Ian Glazer, Lori Robinson, Mat Hamlin – 2022-06-03

Standards, Regulations, and Laws

Impact of GDPR on Identity and Access Management – Andrew Hindle – 2020-03-31
An Introduction to GDPR (v3) – Andrew Cormack – Originally published 2020-03-31; updated 2021-06-30, 2022-09-30
Laws Governing Identity Systems – Thomas J. Smedinghoff – Originally published 2020-03-31; updated 2021-06-30
Review – ISO/IEC 24760-1:2019 – Corey Scholefield – 2020-03-31
Review – ISO/IEC 24760-3:2016 – Espen Bago – 2021-06-17
Review – ISO/IEC 24760-2:2015 – George B. Dobbs – 2020 -06-18

IAM Architecture and Solutions

Delegated Authentication Using a SAML Web Browser SSO Profile (v2) – George B. Dobbs – Originally published 2021-09-30; updated 2022-12-16
Designing MFA for Humans – Nishant Kaushik – 2020-10-31
Federation in the Enterprise – Patrick Lunney – Originally published 2021-04-19; updated 2022-06-03
IAM Reference Architecture (v3) – George B. Dobbs – Originally published 2021-09-30; updated 2022-12-16
Introduction to IAM Architecture (v2) – Andrew Cameron and Graham Williamson – Originally published 2020-06-18; updated 2021-09-30
Multi-factor Authentication – Khaled Zaky and Dean H. Saxe – 2022-12-16

Access Control

Introduction to Access Control (v4) – André Koot – Originally published 2020-06-18; updated 2021-09-30, 2022-12-16
Introduction to Policy-Based Access Controls (v2) – Mary McKee – Originally published 2021-04-19; updated 2022-06-03
Strategic Alignment and Access Governance – André Koot – 2022-12-16
Techniques To Approach Least Privilege – Matthew K. Carter – 2022-09-30

Digital Identity

Account Recovery (v2) – Dean H. Saxe – Originally published 2021-04-19; updated 2022-06-03
Defining the Problem – Identity Proofing Challenges – Russ Reopell, Sandy Christopher, and Lorrayne Auld – 2023-04-10
Identifiers and Usernames – Ian Glazer – 2020-03-31
A Peek into the Future of Decentralized Identity (v2) – Leo Sorokin – Originally published 2020-10-31; updated 2022-02-28
Practical Implications of Public Key Infrastructure for Identity Professionals (v2) – Robert Sherwood – Originally published 2021-09-30; updated 2022-12-16

Non-Human Entities

Non-Human Account Management (v4) – Graham Williamson, André Koot, Gloria Lee – Originally published 2020-10-31; updated 2023-04-10

Project Management

Introduction to Project Management for IAM Projects – Graham Williamson and Corey Scholefield – Originally published 2020-03-31; updated 2021-06-30, 2022-09-30

Operational Considerations

Identity and Access Management Workforce Planning – Ken Myers – 2022-09-30
Managing Identity in Customer Service Operations – Arynn Crow and Jp Rowan – 2021-04-19

En Español (PDF)

Terminología en el Cuerpo de Conocimiento de IDPro (2022-09-30)
Autenticación delegada utilizando un perfil SSO de navegador web SAML (v2) (2022-12-01)
Autenticación y Autorización (v2) (2022-12-16)
Federación Simplificada (v2) (2021-04-19)
Una mirada sobre el futuro de la identidad descentralizada (v2) (2022-02-28)
Recuperación de cuenta (2022-06-03)

Other Body of Knowledge Publications and Components

This document is the work draft of the table of contents for the entire Body of Knowledge. As you can see there are many topics we want to cover and could use your help to do so!

Annotated Bibliography

This document is intended as a way to convey some of the accumulated wisdom and knowledge of the members of IDPro. It is in the form of an annotated bibliography, where the references may be books, articles, or any other form of knowledge transfer.

Program Charter

This document is the charter for the Body of Knowledge. Designed to last through the lifetime of IDPro, the BoK aims to create and maintain a sustainable learning resource for identity professionals and support the CIDPRO program by which identity professionals may certify their knowledge and experience.

Table of Contents

Annotated Bibliography

Program Charter

Want to contribute to the IDPro Body of Knowledge?

Please use the below form to let us know about your proposed contribution. We will be pleased to consider your input if relevant:

VIDEO: Body of Knowledge Vol 1, Issue 1 – What Worked / What Didn’t

Comments