Access Certification

Overview

Reviewer Report [ view larger screenshot ]

Automate and Improve Compliance Effectiveness
IdentityIQ Compliance Manager automates the access certification process, establishing repeatable practices for a more consistent, reliable and easier-to-manage certification effort. It provides easy-to-use certification reports for both business and technical users. To improve the accuracy of reviewer decisions, Compliance Manager delivers risk-aware and change-aware certifications where each certification report clearly highlights policy violations and changes from the previous certification (new users, new roles, or new entitlements) and displays each user's risk score. This information enables reviewers to easily focus on areas of potential risk and make better decisions.

Compliance Manager supports a variety of certification types, including business manager, application owner, group owner, or ad hoc certifications. Easy-to-configure certification workflow options include delegation or reassignment of certifications; configuration of notification and escalations; and the ability to define challenge and remediation periods. Certifications can be scheduled on a periodic basis (e.g., quarterly), event-driven (e.g., when an employee changes departments), or they can be "continuous" - a flexible option allowing reviewers to be notified on a rolling schedule as certifications are due or when exceptions occur, such as a policy violation or an increase in a user's risk score.

Capabilities

• Drive Automated Review Cycles – Custom tailors certification processes, including who and what is being certified; IdentityIQ supports a variety of certification types, including manager, application owner and ad-hoc certifications.
• Run Flexible Certification Cycles – In addition to periodic certification schedules, IdentityIQ supports event-based and continuous certification where any new privileges or changes to existing privileges are immediately presented for review and certification.
• Present Data in Business-Friendly Language – Displays role and entitlement data in clear business context, freeing up hours of lost productivity spent by managers deciphering arcane technical data.
• Focus Reviewers on Real Business Risk – Leverages a risk-aware and change-aware approach that highlights high-risk users and any changes or exceptions that require oversight.
• Enforce a Closed-Loop Remediation Process – Ensures compliance by sending automatic revocation requests to user provisioning systems or help desk systems and validating that changes occurred.
• Track Reviewer Progress and Actions – Tracks the percentage of certifications completed by specific managers, departments, and the entire company. An intuitive progress chart allows users to drill-down to an individual access certification report.

Features

• Consolidated Certification Reports – Centralize access data, including entitlements, roles and policy violations, across the organization and format it into easy-to-read certification reports.
• Flexible Certification Types and Schedules – Enable a variety of certification types, including people manager, application owner, and ad hoc certification; supports flexible certification scheduling including periodic, event-based and continuous.
• Automated Workflow – Automate certification routing, notification and escalations; the delegation or reassignment of certifications; and the ability to define challenge and remediation periods.
• Business-Oriented Certification Process – Speed and simplify certification decisions for business users by presenting complex IT data with business-friendly language; leverage the IdentityIQ entitlement glossary to add context to lower-level IT data.
• Closed-Loop Remediation – Ensure continuous compliance by sending automatic revocation requests to an automated or manual user provisioning system and validating changes occurred.

Resources

• SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, an innovative identity governance solution that delivers risk-aware compliance management, adaptive role management, access request management and identity intelligence.
• IdentityIQ Compliance Manager Data Sheet – Outlines the key components and benefits of IdentityIQ's compliance management offering including access certification, policy enforcement, and activity monitoring.
• NEW! What's New in SailPoint IdentityIQ 4.0 – Get a closer look at the business drivers behind the new features now available in the latest version of IdentityIQ and how they help to synchronizes identity business processes with IT controls for improved compliance performance.
• On-Demand Webcast: Doing Better with Less: Driving Sustainable & Cost Effective Assessments of User Access – Hear from audit and identity management professionals from PricewaterhouseCoopers and SailPoint as they introduce a proven approach that reduces assessment costs using a set of tools and accelerators to more effectively and efficiently identify gaps in identity governance and compliance. You'll learn how to improve audit performance and drive sustainable, compliant processes for managing user access.
• Case Study: Streamlining User Access Reviews for More Effective, Sustainable Compliance – A Global 100 leader in insurance and financial services automated their access control review and reporting process with SailPoint. They dramatically increased the accuracy of user and entitlement data and are now better equipped to meet the requirements of Sarbanes-Oxley.
• Case Study: Improving Compliance Performance and Risk Posture with SailPoint – One of the top 15 banks in the world launched a fully-automated access certification process across 29 SOX-relevant applications in just 60 days with SailPoint.
• On-Demand Webcast: Improving Access Certifications for Enhanced Security and Lower Costs – For many organizations, access certifications are prone to human error and are often inaccurate. With no repeatable process in place, the overall certification process becomes inconsistent, unreliable and difficult to manage. In this webinar, we show you how you can quickly improve the operational efficiency and accuracy of your certification process through real-world lessons learned.

Demo

Register to See IdentityIQ in Action

Please complete the questions below and someone will contact you soon to schedule an IdentityIQ demo. *Please note, fields marked with an asterisk (*) are required. First Name: * Last Name: * Title: * Company: * Email: * Phone: * (please use only numbers) What capabilities are you most interested in? (select all that apply, please hold down "ctrl" key when selecting multiple answers) Compliance management Access Certifications Policy Enforcement Activity Monitoring Role Management Access request management Identity intelligence Auditing and reporting All of the above Other   * If your browser is set to accept cookies, you will be recognized on subsequent visits and immediately granted access to the SailPoint Resource Center.