Role-Based Governance

Overview

Consistently Meet Compliance and Audit Requirements
Role management facilitates business and IT policy alignment by making it easier to translate business policy into technical IT controls, such as separation-of-duty (SoD) rules. With the rich reporting and identity analytics capabilities available in Compliance IQ, managers have quick and easy access to a variety of audit data and compliance metrics – in terms that can be easily understood by business managers and executives.

Capabilities

• Verify Access is Appropriate – To simplify managerial oversight of user access during access certifications, Compliance IQ translates technical entitlement data into high-level business roles. During certifications, business managers can quickly and easily verify that users' access rights are correct and can identify inappropriate entitlements for exception handling.
• Enforce Separation-of-Duty Policy – By automating the enforcement of separation-of-duty (SoD) rules, Compliance IQ ensures that users do not hold roles or entitlements that violate defined business policy. Compliance IQ provides preventive policy checking to validate all new access requests before they are assigned, and scans identity and role data to detect pre-existing policy violations.
• Deliver Visibility into Compliance Performance – For more valuable insight into role-based compliance processes and performance against goals, Compliance IQ provides advanced reporting and analytics. Business-level metrics include the status of access certifications; role revocations requested vs. completed; and SoD policy violations and exceptions.

Features

• Access Certification – Simplifies access certifications by translating technical entitlements into higher-level business roles
• SoD Policy Enforcement – Defines and enforces separation-of-duty policies for business roles and entitlements
• Advanced Reporting and Analytics – Provide detailed metrics on role-based compliance processes and performance

Resources

• Compliance IQ Product Brochure – A quick introduction to SailPoint Compliance IQ, an integrated solution that automates identity compliance controls, manages roles and analyzes identity risk.
• Role Management Data Sheet – Outlines the key components and benefits of Compliance IQ's role management offering including role creation, lifecycle management, role assignment and role-based governance.
• Viewpoints: Role Management and Risk – This educational paper reviews how effective role management can provide the business context necessary for non-technical personnel to oversee and verify user access policy. It reviews three ways that role management helps organizations to manage information security risk and ultimately corporate risk.
• Best Practices: Practical Role Management – This paper identifies common pitfalls on the road to role management and which best practices can pave the way to solving real business problems.
• Role of Roles in Compliance Podcast – Jackie Gilbert, VP of Marketing and Founder, interviews Darran Rolls, CTO for SailPoint, on the subject of role-based access control (RBAC), and its relevance to identity management and compliance projects. Darran tackles the controversial topic concerning the difference in roles for provisioning and roles for compliance and where they can, ultimately, come together.

Demo