Access review and certification is the process of reviewing and correcting user access within an organization, ensuring that users have only the access they require and have not acquired any unauthorized access over their life cycle in the organization. The access review process can be configured as a closed loop so that access is removed immediately when a certifier revokes it. Access certification/review can be scheduled to run on a regular basis and can be done at the user, role, and application levels, giving certification reviewers a more detailed view.
Identity Compliance focuses on access adherence to meet regulatory requirements and on defining, enforcing, and reviewing Identity & Access Management policies. A key component of compliance is formulating the access model, rules, and segregation of duties (SOD) policies, addressing policy violations, and managing risk. Excessive risk must be measured, managed, and mitigated. Risk administration and scoring provide a means of calculating risk for the organization.
Closed-loop Remediation automatically revokes accounts, roles, or entitlements after the certification process has flagged user access for revocation. Depending on the risk score, closed-loop remediation can also be processed via a workflow process, a de-provisioning event, or mail notifications.
Segregation of Duties (SOD) is an important outcome when managing identity. Preventing any single role from performing all tasks associated with a business process helps prevent fraud and other malicious activities. ProNoesis enables organizations to standardize SOD management for ERP (i.e. Oracle and SAP) and non-ERP systems by defining SOD policies, periodically reviewing and recertifying user access, determining SOD policy violations, and remediating risks associated with user access.
Given that Segregation of Duties (SOD) is a control that relies on roles and the entitlements that make up a role, it is important to perform Role Certification. The Role Certification feature allows organizations to run certification of user roles, including closed-loop remediation activities based on the certification reviewer's decision.
The foundation phase of an IGA implementation focuses on data quality. ProNoesis has built a robust methodology to rapidly bring clarity to existing entitlements and flag dormant and unused accounts. Ensure that there are no duplicate accounts and no accounts that were created out of policy or standard. At this phase, it is critical to normalize identity data, remediating missing or nonconforming information and resolving outlier entitlements.
ProNoesis enables organizations to implement a robust role-based approach to governing user access. It provides collaborative processes to automate complete Role Lifecycle Management, including role discovery, mining roles bottom-up (IT roles), modelling roles top-down (Business roles), creating organizational role hierarchies using a hybrid approach, defining roles in IGA for role-based provisioning, Role Review / Certification, SOD checks, and ongoing management.