Edit this page

12. Maintain Credential - Revoke

When an employee or contractor separates from an agency or no is eligible for their credential, their credential should be revoked. This use case describes the process for revoking a credential.

Actors and Systems Key for Images Actors and Systems Key for Images

Pre-condition: Individual has an active credential.

1. Separation Notification An actor sends separation notification to the credential manager.
Actor could range from the individual to their supervisor, HR, or security team member.
2. Credential Disabled The credential manager invalidates the credential and disables its access provisions.
The credential manager could be a person or a system.
3. Credential Collected An actor collects the credential if it is a hardware token.
Actor could be supervisor, HR, or a security team member.

Post-condition: Individual no longer has access via that credential.

Click here for a consolidated image of this use case.