...
- Do you expect that user accounts are closed as an individual departs? How promptly?
- Do you expect that user's eduPersonAffiliation value is updated as an individual departs? How promptly?
Quality of user data
In larger universities the IdP/IdP gathers users' attributes from several registries with varying data quality. Some attributes can even be self-asserted by the user him/herself.
- Do you want to know the reliability of the user data on an attribute level? On what level of granularity?
LoA Audits
- Is it enough that the Home Organisation self-asserts that they comply with the LoA baseline?
- Plus someone has some enforcement rights (e.g. Home identity federation can remove “compliant” tag from the Home Organisation if there are doubts that a Home Organisation fails the minimum requirements)?
- also internal audits needed?
- also external audits needed?
...