Login ID Reset Process/Individual application, Forgot password

Reissue process of login ID for an information system

Summary of the Process Model

 * To reset login ID password for an information system, dealing mainly with forgot password.
 * Authority to make applications is limited to the general manager.
 * The information systems division makes sure that issued password is changed by the user.

Diagram
digraph TMPG { graph [size="10,10", rankdir=LR]; node [shape=box, style=rounded]; edge [labelfloat=true];

subgraph clusterM { labeljust=l; label="General managers (group)：managers@company.com"; MS [label="", shape=circle, width="0.3"]; M1 [label="M1:\nEntering the reset ID \nand reasons for it"]; M2 [label="M2:\nID issue completion by \nface-to-face handing"];

MS -> M1 [weight=10]; M1 -> M2 [style=invis,weight=10,minlen=2]; }

subgraph clusterI { labeljust=l; label="Information systems division (group)：information-system@company.com"; dummyI [label="",style=invis]; I1 [label="I1:\nIssue operation \nfor new ID"]; I2 [label="I2:\nConfirmation of changing \nreset password"];

dummyI -> I1 [style=invis]; I1 -> I2 [style=invis,weight=10,minlen=2]; }

M1 -> I1 -> M2 -> I2 [style=bold]; }

People in Charge of the Process (Participants)

 * A general manager (managers (group))
 * Information systems division (group)

Process Owner
General manager of the information systems division

Possible Risks

 * Identity theft: leakage of the employee list which is personally identifiable information
 * ID distribution delay: taking time for login ID distribution
 * Unauthorized use of an ID: login ID does not arrive at the recipient, and a third party illegally uses it.
 * Reset by spoofing: a third party requests for reset. (Reset operation is recorded).