With comprehensive Role Based Access Controls(RBAC) and certifications in place, the client has a hassle-free company-wide certification process.The client is interested in integrating the Sun Role Manager with the existing Sun Identity Manager to reap the benefits of identity correlation and import of users. This apart, the client is also exploring the utilization of other value-added functionalities of SRM to perform comprehensive role engineering and management to enhance the existing role definition.The client is a diversified financial services company operating in over 130 countries worldwide. It is one of the 30 components of the Dow Jones Industrial average and was ranked by Business Week in 2007 as one of the 20 most valuable brands in the world. Started as an express mail business over 150 years back, the client is now a Fortune 500 company with $150 billion in assets and 68,000 employees worldwide. The client has developed several key programs to support the diverse communities in ways that would enhance the company’s image with its employees, customers, business partners and other stake-holders.

Simeio Solutions is a professional services and management consulting company with a strong collective background in implementing identity and role based access control solutions, supporting Fortune 1000 clients such as Agiliance, CA, Computer Associates, Oracle,SailPoint, Novell, IBM.

IT-GRC – Information Technology – Governance, Risk & Compliance:-

The impacts and implications of compliance, risk management and governance on information technology are significant and pervasive.

IT Governance establishes decision structures and tracking mechanisms.

IT Risk Management helps mitigate adverse effects and identifies opportunities.

IT Compliance establishes and monitors IT controls.

Simeio Solutions is a professional services and management consulting company with a strong collective background in implementing identity and role based access control solutions, supporting Fortune 1000 clients such as Agiliance, CA, Computer Associates, Oracle, Radiant Logic, Sun, SailPoint, Novell and IBM.

Simeio offers the first in industry on demand DirectAXs – a one-stop SaaS solution for all your Identity and IT-GRC requirements. Our ICOMAXs, ROMAXs and GRCAXs offering encompass every possible solution in the IAM and IT-GRC space for today and the future. We have two types of solutions on DirectAXs depending on your requirements. Simeio Solutions brings along an intelligent vision of identifying the sweet spots in business process definition and Reengineering. We believe finding the correct identity management product is just one step of several. Key to the company’s success is analyzing and implementing sustainable processes.

Prior Certification Process •••

The manual certification process used by the client was an intensive process and required significant resources to complete. It entailed using spreadsheets, emails, phone calls etc and the outcome was unsatisfactory. There was a lack of adequate documentation and the process was not standardized.

Requirements •••

Common Repository

•    Have a central repository that contains all information regarding employees and contractors
•    Build a Business hierarchy Structure according to Client’s Business Practices.
•    Allow managers to certify on user access and entitlements
•    Allow application owners to certify on access based on individual applications
•    Provide an infrastructure for assessing compliance with controls
•    Automate the process of import of users and accounts

Simplify Certification Process
•    Develop a simplified process for certifications that would allow managers and application owners to perform periodic certifications
•    Provide client with documentation regarding import processes and certification
•    Certify accesses of 2.5k+ users distributes across multiple business units and applications
Prevent Human Errors
•    Development of a systematic solution with documentation should lead to a reduction in errors during the process as well as ensure that appropriate user and application access

The latest version of SRM v4.0.1 with enhanced features was implemented by the Simeio Solutions consultants to help the client achieve their Certification and Audit goals. The enhanced AJAX UI Interface, administrative dashboard, advanced Business Unit – Users correlation and an enhanced Identity Certification and Audit module provided by the new version was an ideal identity management solution to meet audit requirements.

The data imports process for building the Identity Warehouse for the 350k + users and their hierarchical entitlement data was completed by utilizing the ability of SRM to automate and schedule the process of users, accounts and glossary (business descriptions for the entitlements).

The certification module implemented ensured that access to sensitive application data is only provided to users with a valid business need. The two-stage enhanced Certification module implemented at the client verified that the users were reporting to the appropriate managers and in cases of users transferred to new managers/departments and terminated users, reports were generated and sent to the business to reassign them to the current managers. The updated data was reloaded in the SRM tool and new certifications sent to the correct managers. In parallel to implementing the Identity Certification module to review user access at client, SRM was used to address immediate needs to perform Segregation of Duties (SoD) analysis on SoX critical applications to meet client’s audit requirements. Overall close to 200+ SoD business policy conflicts were mapped in the tool and 350k+ users were scanned for SoD violations.

Role Management allows identity and security administrators to grant privileges (or entitlements) using a layer of abstraction that allows for easier management. By using roles to administer rights, we can cut down significantly on the number of transactions needed to initially assign those rights as well as to maintain, modify and remove them.

Simeio Solutions is a professional services and management consulting company with a strong collective background in implementing identity and role based access control solutions, supporting Fortune 1000 clients such as Agiliance, CA, Computer Associates, Oracle, Radiant Logic, Sun, SailPoint, Novell and IBM.

Simeio offers the first in industry on demand DirectAXs – a one-stop SaaS solution for all your Identity and IT-GRC requirements. Our ICOMAXs, ROMAXs and GRCAXs offering encompass every possible solution in the IAM and IT-GRC space for today and the future. We have two types of solutions on DirectAXs depending on your requirements. Simeio Solutions brings along an intelligent vision of identifying the sweet spots in business process definition and Reengineering. We believe finding the correct identity management product is just one step of several. Key to the company’s success is analyzing and implementing sustainable processes.