Role-Based Governance

Overview

Consistently Meet Compliance and Audit Requirements
IdentityIQ Role Manager facilitates business and IT policy alignment by making it easier to translate business policy into technical IT controls, such as separation-of-duty (SoD) rules. With the rich reporting and identity analytics capabilities available in IdentityIQ, managers have quick and easy access to a variety of audit data and compliance metrics – in terms that can be easily understood by business managers and executives.

Capabilities

• Access Certifications – To simplify managerial oversight of user access during access certifications, IdentityIQ translates technical entitlement data into high-level business roles. During certifications, business managers can quickly and easily verify that users' access rights are correct and can identify inappropriate entitlements for exception handling.
• Enforce Separation-of-Duty Policy – By automating and simplifying the enforcement of separation-of-duty (SoD) rules, IdentityIQ ensures that users do not hold roles or entitlements that violate defined business policy. IdentityIQ provides preventive policy checking to validate all new access requests before they are assigned, and scans identity and role data to detect pre-existing policy violations.
• Advanced Reporting and Analytics – For more valuable insight into role-based compliance processes and performance against goals, IdentityIQ provides advanced reporting and analytics. Business-level metrics include the status of access certifications; role revocations requested vs. completed; and SoD policy violations and exceptions.

Features

• Access Certification – Simplifies access certifications by translating technical entitlements into higher-level business roles
• SoD Policy Enforcement – Defines and enforces separation-of-duty policies for business roles and entitlements
• Advanced Reporting and Analytics – Provide detailed metrics on role-based compliance processes and performance

Resources

• SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, an innovative identity governance solution that delivers risk-aware compliance management, adaptive role management, access request management and identity intelligence.
• IdentityIQ Role Manager Data Sheet – Offers a complete view into the benefits, key capabilities and features supported by the role management component of SailPoint IdentityIQ including role creation, role lifecycle management and role assignment.
• Viewpoints: Role Management and Risk – This educational paper reviews how effective role management can provide the business context necessary for non-technical personnel to oversee and verify user access policy. It reviews three ways that role management helps organizations to manage information security risk and ultimately corporate risk.
• Best Practices: Practical Role Management – This paper identifies common pitfalls on the road to role management and which best practices can pave the way to solving real business problems.
• Role of Roles in Compliance Podcast – Jackie Gilbert, VP of Marketing and Founder, interviews Darran Rolls, CTO for SailPoint, on the subject of role-based access control (RBAC), and its relevance to identity management and compliance projects. Darran tackles the controversial topic concerning the difference in roles for provisioning and roles for compliance and where they can, ultimately, come together.
• Why Enterprises Need More Roles – SailPoint speaks with Forrester Research Senior Analyst, Andras Cser, to discuss the growing importance of enterprise role management. Cser, a leading expert on identity management, explains why role management is becoming increasingly strategic to organizations as business users become more involved in identity governance, particularly during the recent economic turmoil. He also provides recommendations for companies considering an enterprise role management project.

Demo