Identity Governance and Administration (IGA) tools facilitate controls related to identity and entitlements mandated by regulatory requirements. For evidence of compliance, Auditors and Risk managers do get more quality assurance from the cutting edge IGA tools than on manual processes.
Though IGA solutions are still in the early stages of adoption, enterprises are increasingly realizing the value proposition such tools offer to solve their compliance requirements. The advanced capabilities that IGA solutions provide great value to internal audits and compliance reviews. There are several important questions before the organizations such as, does the solution:
- Specifically address what the auditors and compliance officers are looking for in ‘compliance’?
- Provide demonstrable superior controls?
- Provide evidence of compliance in addition to assisting the audit process?
- Remain ‘non intrusive’ to the various source applications and ERP systems?
- Address relevant and real world SoD, compliance and security concerns across applications, databases, folders and not just one ERP system?
- Provide detailed, granular level details that specify the compliance risk?
Deep Identity – Identity Audit and Compliance Manager (Deep IACM) provides solutions addressing full range of compliance requirements such as excessive access rights, Segregation of Duties (SoD) conflicts, Sensitive accesses and identity and access violations. These compliance checks are in built into Deep IACM and are available out of the box. Policy adherence is checked and Deep IACM produces results for policy violations, reviews, risk scoring, reports and dashboards.
In built certification, workflow tools seamlessly facilitate the follow on processes such as ownership and remediation responsibilities and actionable steps that are of interest to and can be validated by auditors. Deep IACM handles compliance checks differently from other regular IGA or GRC tools. Deep IACM’s compliance checks span across multiple layers across operating systems, databases and applications. As part of the compliance checks, Deep IACM also provides comprehensive risk scoring and evaluation of users.
Deep IACM and Deep IM provide single integrated repository to address the risk management for ERP systems including SAP used in enterprises thus differentiating itself to add value to customers. Deep IACM and Deep IM:
- Discover and manage multiple layers and consider the most granular access metrics.
- Provide compliance management (SoD, Sensitive access, etc.,) across ERP (including SAP) systems and also its supporting infrastructures such as database and folders.
- Include Legacy or in-house applications are commonly still in use among many customers and address the business functions and tasks that spread across multiple applications and systems.
- Recognize that not all customers are fully ready, so provide scalable solutions with continuous improvement opportunities.
- Avoid manual touch points, use integrated work flow, enable configurable follow on functions for remediating and mitigating actions and provide these out of the box.
Deep Identity’s unique offering has its genesis from a business centric approach to enable compliance management to be effective and holistic.