IDPRO


Compliance standard for information security.

  • Total Requirements: 8 defined requirements
  • Mapped Controls: 0 control mappings
  • Overall Compliance: 0% (0/0 controls compliant)
  • Related Risks: 0 (0 critical · 0 high)

Requirements Coverage

BoK-IGA Identity Governance & Administration
Not mapped
Strategic alignment, access governance, and IGA frameworks (André Koot, 2022)
No controls mapped to this requirement

BoK-Access Introduction to Access Management
Not mapped
Least privilege, federated identity, delegated authorization (Pamela Dingle, 2020)
No controls mapped to this requirement

BoK-AC Introduction to Access Control
Not mapped
DAC, MAC, RBAC, ABAC, policy-based access, accountability (André Koot, v4)
No controls mapped to this requirement

BoK-Lifecycle Identity Lifecycle (JML)
Not mapped
Joiner/mover/leaver lifecycle, role management, identity proofing (Bago & Glazer, 2021)
No controls mapped to this requirement

BoK-Recert Access Recertification
Not mapped
Access review models, AI-driven recommendations, SOX/HIPAA/GDPR compliance (Gupta, 2025)
No controls mapped to this requirement

BoK-Arch IAM Reference Architecture
Not mapped
Identity registers, authorization engines, policy management (Dobbs, 2021)
No controls mapped to this requirement

BoK-PAM Privileged Access Management
Not mapped
PAM best practices for high-risk accounts (André Koot, 2024)
No controls mapped to this requirement

BoK-NHI Non-Human Identity Management
Not mapped
Machine identity governance, CI/CD pipelines, AI agents (Poreddy, 2025)
No controls mapped to this requirement

Educational Content

Standard Overview

Compliance standard for information security.

How Compliance is Calculated

Compliance is calculated based on the maturity level of each control mapped to this standard. Controls with maturity level 3 or above are considered compliant. The overall compliance percentage represents the ratio of compliant controls to total mapped controls.

  • Compliant: Maturity level 3 or above
  • Partial: Maturity level 1-2
  • Non-compliant: Maturity level 0 (not implemented)

Best Practices for Implementation

  1. Conduct a gap analysis to identify areas needing improvement
  2. Prioritize controls based on risk assessment results
  3. Establish clear ownership and accountability for each control
  4. Implement continuous monitoring and regular reviews
  5. Document evidence of compliance for audit readiness
  6. Train staff on security awareness and standard requirements