Effective entitlement governance ensures that the right people have access to the right resources at the right time. The Configure and Govern Entitlement with Microsoft Entra ID training (SC-5008) teaches you in one day to implement entitlement management, access reviews, lifecycle workflows, and Privileged Identity Management (PIM) using Microsoft Entra ID Governance. You will configure access packages, approval workflows, and automated lifecycle policies to enforce least-privilege access across your organization.
Delivered by an MCT-certified trainer at ITTA in Geneva or Lausanne, this SC-5008 training is entirely hands-on with labs on the official Microsoft cloud environment. You will create access packages with multiple resource roles, configure multi-stage approval workflows, implement access reviews for guest users and privileged roles, and deploy lifecycle workflows for onboarding and offboarding. This training prepares for the Microsoft Applied Skills credential.
Module 1: Plan and implement entitlement management
Module 2: Plan, implement, and manage access review
Module 3: Monitor and maintain Microsoft Entra ID
Module 4: Plan and implement privileged access
In modern organizations, the proliferation of identities and access rights represents a considerable security risk. Each employee, external contractor, or partner has multiple access to applications, data, and cloud resources. Without rigorous governance, rights accumulate over time, orphaned accounts persist after employee departures, and excessive privileges become preferred attack vectors. Microsoft Entra ID, Microsoft’s identity and access management solution (formerly Azure Active Directory), integrates advanced governance features to address these challenges. The SC-5008 training, delivered by ITTA in Geneva and Lausanne, teaches you to deploy these features to regain control of your access.
Entitlement Management in Microsoft Entra ID allows automating the access lifecycle. Instead of processing each access request individually, you create access packages that group the resources needed for a role or project (groups, applications, SharePoint sites). Users request a package through a self-service portal, and the system automatically applies the approval, duration, and renewal policies you have defined. The SC-5008 training guides you through creating resource catalogs, configuring access packages, and defining assignment policies. You will discover how this approach considerably reduces the workload on IT teams while ensuring that each access is justified, approved, and time-limited, an essential principle for organizations in Switzerland subject to regular audit requirements.
Access reviews are a fundamental mechanism of identity governance in Microsoft Entra ID. They allow periodic verification that access granted to users is still justified and aligned with their current role. You will learn to configure access reviews for groups, applications, and administrative roles, defining the frequency, reviewers (managers, resource owners, or users themselves), and automatic actions in case of non-response. The SC-5008 training shows you how these reviews contribute to respecting the principle of least privilege and how they simplify audit compliance preparation. For companies based in Geneva or Lausanne, this feature is a valuable asset for demonstrating to regulators that access is controlled continuously and documented.
Lifecycle Workflows in Microsoft Entra ID automate tasks related to employee onboarding, role changes, and offboarding. When a new employee joins your organization, a workflow can automatically provision their access, send a welcome email, and add them to the necessary groups. During a role change, access is adapted based on the new role. Upon departure, access is revoked, the account is disabled, and data is managed according to your retention policies. You will configure these workflows in the Microsoft labs to understand how they integrate with Microsoft Entra ID events and how to customize them according to your organization’s HR processes. This automation eliminates oversights that represent a major security risk and frees up time for your IT teams.
Privileged Identity Management (PIM) is a Microsoft Entra ID feature that secures administrative roles by applying the just-in-time principle. Instead of permanently assigning privileged roles such as Global Administrator or Exchange Administrator, PIM allows users to temporarily activate these roles when needed, with a limited duration and prior approval if required. The SC-5008 training covers PIM configuration for Microsoft Entra ID roles and Azure roles, defining activation parameters (duration, justification, approvers), and monitoring activations via audit logs. This approach drastically reduces the attack surface related to privileged accounts, a major concern for all organizations in Switzerland.
The SC-5008 training prepares for the Microsoft Applied Skills credential, a practical lab-based assessment that validates your identity governance skills with Microsoft Entra ID. You will be assessed on your ability to configure entitlement management, access reviews, lifecycle workflows, and Privileged Identity Management. This credential attests to your operational expertise and is an asset for your career in the identity and access management field. ITTA, a Microsoft Learning Partner in Switzerland, supports you with MOC materials and experienced MCT trainers in Geneva and Lausanne.
What is Microsoft Entra ID Governance?
Microsoft Entra ID Governance is a set of Microsoft Entra ID (formerly Azure AD) features that enables governing the identity and access lifecycle. It includes entitlement management, access reviews, lifecycle workflows, and Privileged Identity Management.
What is the difference between Microsoft Entra ID and Azure Active Directory?
Microsoft Entra ID is the new name for Azure Active Directory (Azure AD). The name change occurred in 2023 to reflect the platform’s expansion beyond Azure. The features remain the same and the SC-5008 training uses the current Microsoft Entra ID terminology.
What is Privileged Identity Management (PIM)?
PIM is a Microsoft Entra ID feature that secures administrative roles by enabling temporary just-in-time privilege activation. Instead of having permanent administrators, PIM requires explicit activation with a limited duration, justification, and optional approval.
Does this training cover automated access reviews?
Yes, the SC-5008 training covers in detail the configuration of access reviews in Microsoft Entra ID, including defining reviewers, frequency, decision criteria, and automatic actions in case of non-response.
Who is the SC-5008 training for?
This training is intended for identity administrators, security architects, IAM (Identity and Access Management) managers, and IT professionals who manage access and privileges in a Microsoft Entra ID environment.
Where is this training available in Switzerland?
ITTA offers the SC-5008 training in-person in Geneva and Lausanne, as well as virtually with access to Microsoft cloud labs and official MOC course materials.
What is the connection between the SC-5008 training and the SC-300 certification?
The SC-5008 training (Applied Skills) focuses specifically on identity governance in Microsoft Entra ID. The SC-300 certification covers a broader spectrum including authentication, authorization, and identity protection. Both are complementary for identity professionals.
Monday to Friday
8:30 AM to 6:00 PM
Tel. 058 307 73 00
ITTA
Route des jeunes 35
1227 Carouge, Suisse
Monday to Friday, from 8:30 am to 06:00 pm.
