Leading Businesses Deploy New Policy-Driven Process for Initiating, Approving and Validating User Access Requests

WALTHAM, Mass.—November 10, 2008—Aveksa, Inc., the market-leading provider of enterprise access governance solutions, today announced Aveksa Access Request and Change Manager, the newest addition to its Enterprise Access Governance Platform. Aveksa Access Request and Change Manager delivers on the urgent need within enterprises to drive identity and access management into the lines of business and empowers business managers to take ownership of their users’ access privileges. It enables a business process for access change management that allows line of business managers and end users to request or modify access privileges while enforcing business policies and orchestrating changes across enterprise information resources. An automated, business-friendly solution for access change management, Access Request and Change Manager delivers increased efficiency, proactively manages access-related risk and ensures sustainable compliance.

“We need a workflow process that incorporates our organizational structure and our systems, and Aveksa will be our solution for control, visibility and routine processing of access requests to our systems,” said Mike Mostrom, chief information officer for Amscan, the world’s largest designer, manufacturer and distributor of decorated party goods and party accessories. “Aveksa already provides us with solid tracking and certification of systems access. No other vendor we considered recognized the need for the front-end processing of requests. With the addition of Access Request and Change Manager, having this all-in-one package will solve our business need.”

Designed to provide an integrated, end-to-end access request management system for enterprises, Aveksa Access Request and Change Manager provides the following capabilities:

• Business-friendly access self-service – enables business users to easily request new access or changes to existing access rights through highly configurable user interfaces. Access Request and Change Manager provides the lines of business within an enterprise with a simple, context-sensitive, business-friendly view of user access privileges. End users can request specific business roles such as job or process roles, or specific entitlements.
• Proactive policy administration – checks all requests for access against existing business policies and controls before changes are committed across the target information resources. This capability ensures accountability and validation through a set of preventative controls that make access risk and compliance management a proactive process.
• Closed loop access lifecycle management – manages access change requests through a flexible, closed loop workflow that validates that all appropriate actions to user entitlements have been taken. A full audit trail tracks all historical changes, approvals, denials and revocations for access to provide evidence of compliance.
• Advanced reporting and analytics – enables administrators to understand the status of requests, as well as to determine how effectively the organization is delivering on access requests across the entire enterprise.
• Integration with service request and user provisioning systems - ensures that access changes are communicated to user provisioning systems, entitlement management systems and other access enforcement solutions, which in combination enables a continuous process for full access lifecycle management. Access Request and Change Manager can also serve as an authoritative business policy engine for service request management and trouble ticketing systems, enabling them to be used as the front-end interface of the request process or for back-end workflow and tracking.

“The process of managing access throughout its lifecycle can place a significant burden on organizations, and can open the door to security and regulatory risks,” said Deepak Taneja, president and CTO of Aveksa. “With Access Request and Change Manager, Aveksa is delivering a solution that speeds access delivery while also driving ownership and accountability throughout the organization. We look forward to helping companies simplify access management, increase operational efficiency and provide business assurance through proactive access risk management with this addition to our Enterprise Access Governance Platform.”

The Aveksa Access Request and Change Manager module is part of the Aveksa Access Governance Platform and is fully integrated with Aveksa Compliance Manager, providing an automated process for access review and certification and controls automation, and Aveksa Role Manager, which enables full role lifecycle management. The Aveksa Access Governance Platform integrates access policy governance with access enforcement technologies, such as user provisioning, which provides customers with an end-to-end, continuous process for managing the lifecycle of access.

About Aveksa
Aveksa provides the most comprehensive, enterprise-class, access governance, risk management and compliance solution. Aveksa automates the on-boarding, change management, monitoring, reporting, certification and remediation of user entitlements and roles; enables role discovery and lifecycle management; and delivers unmatched visibility into the true state of user access rights. With Aveksa, business, security and compliance teams can effectively collaborate and enforce accountability. Our growing customer base includes leading global Fortune 2000 organizations in financial services, healthcare, retail, transportation and manufacturing. For more information, go to www.aveksa.com