Product

Identity Gets Smart

Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »

Identity Governance Buyer's Guide - 2^nd Edition

Contains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Streamline Compliance

Learn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Learn how SailPoint keeps pace with access change.

Download the Lifecycle Manager data sheet »

Get the Big Picture

See exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Learn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Learn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Learn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Learn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »

Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen » | Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003

Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

See IdentityIQ in action, request a one-on-one demo today.

"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach."

Bart Boudreaux, Director, Technology Services, BNSF Railway

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment."

Jerry Archer, Chief Security Officer, Sallie Mae

Home » Product » Compliance Manager » Access Certification

Access Certification

From Sarbanes-Oxley to HIPAA, every significant regulation that focuses on protecting highly sensitive data requires that a user's job function and access privileges align. By regularly certifying access and validating the appropriateness of user access privileges, organizations can effectively reduce their chances of non-compliance and improve their overall risk posture.

IdentityIQ Compliance Manager helps organizations meet compliance and risk management goals by providing automated capabilities for accurate, repeatable access certification.

Overview
Benefits
Resources
Demo

Overview

Reviewer Report

[ view larger screenshot ]

Automate and Improve Compliance Effectiveness
Compliance Manager automates the access certification process, establishing repeatable practices for a more consistent and reliable certification effort. It provides easy-to-use certification reports for both business and technical users. To improve the accuracy of reviewer decisions, Compliance Manager delivers risk-aware and change-aware certifications where each certification report clearly highlights policy violations and changes from the previous certification (new users, new roles, or new entitlements) and displays each user's risk score. This information enables reviewers to easily focus on areas of potential risk and make better decisions.

Compliance Manager supports a variety of certification types, including business manager, application owner, group owner, or ad hoc certifications. Easy-to-configure certification workflow options include delegation or reassignment of certifications; configuration of notification and escalations; and the ability to define challenge and remediation periods. Certifications can be scheduled on a periodic basis (e.g., quarterly), event-driven (e.g., when an employee changes departments), or they can be "continuous" – a flexible option allowing reviewers to be notified on a rolling schedule as certifications are due or when exceptions occur, such as a policy violation or an increase in a user's risk score.

Benefits

With IdentityIQ Access Certifications, enterprises can:

Drive Automated Review Cycles – Uses automated, configurable workflow capabilities to support a variety of certification types and schedules, including “continuous” certification
Present Data in Business-Friendly Language – Displays role and entitlement data in clear business terms, freeing up hours of lost productivity spent by managers deciphering arcane technical data
Focus Reviewers on Real Business Risk – Leverages a risk-aware and change-aware approach that highlights high-risk users and any changes or exceptions that require oversight
Track Reviewer Progress and Actions – Tracks the percentage of certifications completed by managers, departments and the entire company, with data presented in an intuitive compliance dashboard that allows drilling down to individual access certification reports
Support Flexible Certification Cycles – Supports event-triggered and continuous certifications, where changes to a user's identity attributes, addition of new privileges or changes to existing privileges are immediately presented for review and certification – in addition to carrying out periodic scheduled certifications
Enforce a Closed-Loop Remediation Process – Automatically sends revocation requests via IdentityIQ Provisioning Broker to the IdentityIQ Provisioning Engine, external provisioning systems or help desk systems (whichever option is selected) and validates that changes occurred
Archive Reports in a Centralized, Secure Depository – Tracks and stores all current and historical entitlement records and activity logs in a secure repository that enables evidence-gathering for forensic analysis, internal audits and external audits

Resources

SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, a comprehensive identity governance solution that delivers risk-aware compliance management, integrated lifecycle management, identity intelligence, and user provisioning with a common framework for managing roles, risk and policy.
IdentityIQ Compliance Manager Data Sheet – Outlines the key components and benefits of IdentityIQ's compliance management offering including access certification and policy enforcement.
On-Demand Webcast: Doing Better with Less: Driving Sustainable & Cost Effective Assessments of User Access – Hear from audit and identity management professionals from PricewaterhouseCoopers and SailPoint as they introduce a proven approach that reduces assessment costs using a set of tools and accelerators to more effectively and efficiently identify gaps in identity governance and compliance. You'll learn how to improve audit performance and drive sustainable, compliant processes for managing user access.
Case Study: Streamlining User Access Reviews for More Effective, Sustainable Compliance – A Global 100 leader in insurance and financial services automated their access control review and reporting process with SailPoint. They dramatically increased the accuracy of user and entitlement data and are now better equipped to meet the requirements of Sarbanes-Oxley.
Case Study: Improving Compliance Performance and Risk Posture with SailPoint – One of the top 15 banks in the world launched a fully-automated access certification process across 29 SOX-relevant applications in just 60 days with SailPoint.
On-Demand Webcast: Improving Access Certifications for Enhanced Security and Lower Costs – For many organizations, access certifications are prone to human error and are often inaccurate. With no repeatable process in place, the overall certification process becomes inconsistent, unreliable and difficult to manage. In this webinar, we show you how you can quickly improve the operational efficiency and accuracy of your certification process through real-world lessons learned.

Demo

Please complete the questions below and someone will contact you soon to schedule an IdentityIQ demo.

*Please note, fields marked with an asterisk (*) are required.

First Name:	*
Last Name:	*
Title:	*
Company:	*
Email:	*
Phone:	* (please use only numbers)
What capabilities are you most interested in? (select all that apply, please hold down "ctrl" key when selecting multiple answers)

* If your browser is set to accept cookies, you will be recognized on subsequent visits and immediately granted access to the SailPoint Resource Center.