Editorial Feedback - Githubissues

Description of Issue:

Editorial feedback from Jim Thompson

Details of Issue:

Services Framework

“The Services Framework is designed for ICAM Program Managers and Information Technology Enterprise Architects.” Should these titles be capitalized?

Identity Management

“Your identity within your agency’s Human Resources (HR) system is different from your personal identity at your personal bank.” Delete second “personal.”

Use Case 1: Create & Maintain Identity

“I want to create a new enterprise identity, so that an individual may be established as a federal employee or contractor that will need to be identity proofed, credentialed, and granted access to agency services.” Change “that” to “who”.

Use Case 2: Proof an Identity

“The location or information that a person needs to access informs the Identity Assurance Level (IAL), which informs the elements you should require from that person for identity proofing.” Recommend changing one of the “informs” to another word, for readability. “drives”? “specifies”?

Use Case 3: Manage the Entitlements Lifecycle

“This individual may be the employee or contractor, their supervisor, HR, or a security team member.” Change “This individual” to “The requestor”.

Use Case 5: Issue a Derived Credential

“In this case, a derived credential is needed for purposes such as accessing secure agency websites or an agency VPN from their mobile device.” Swap “secure” and “agency”.
“A derived credential is a credential derived from an existing credential, with a different form factor (like on a mobile device).” “as on a mobile device”? I’ve never been completely clear on “like” vs. “as”.

Use Case 6: Manage the Credential Lifecycle

“ … generating a new PIN information …” has an extra word. Either “information” is not needed or maybe “a”.
“In this use case, an employee or contractor interacts with the agency services to register or request a derived credential.” This looks like a cut & paste problem.

Use Case 7: Grant Access

“I want to allow access for only employees and contractors that meet established requirements, so that only the people who should have access do have access.” Change “that meet” to “who meet”. Change “the people” to “those”. The latter is pedantic, but “people” is inherently plural, as in “We the people”. And “persons” is not used in common discourse.

Component Examples

“An authoritative source is a repository of identity attribute data.” Add an adjective such as “trusted” or “reliable” before “repository”.

Standards & Policies

NIST SP 800-205: Attribute Considerations for Access Control Systems “This document outlines factors which influence attributes that an authoritative body …” Change “which” to “that” and delete second “that”.

Systemic

Call me old [school], but I dislike using the plural “they” and “their” as a way around the English language’s lack of a nongendered singular subject and nongendered singular possessive. I also don’t particularly like the “his/her” construct or alternating use of “his” and “hers”. Could you take a pass through to see if some of the sentences can be restructured without becoming too awkward? For example, “When an employee or contractor requires authentication, but cannot leverage an existing credential, they can use a derived credential.” In “Accordingly, they are frequently limited to using a small tablet or their phone to stay connected while on the go” “their” can be changed to “a”. Thanks.
First person is used in a few places, most significantly in Manage the Credential Lifecycle. Second person is used in other places. I’m a 3rd person person by training but I can live with 1st person or 2nd person to some extent if it makes the material more readable and friendly. But maybe we don’t need both.