Automated user access certification and compliance monitoring.

Aveksa Compliance Manager is the only product in the industry to fully automate the compliance  monitoring, reporting, certification and remediation of user entitlements, making it possible for organizations to easily establish a sustainable access governance model.

Aveksa Compliance Manager enables organizations to:

• Gain enterprise-wide visibility into all user entitlements to information resources
  
• Monitor who has access to what, how they got it and who approved it
  
• Make business managers accountable for reviewing who should have access
  
• Conduct compliance audits to manage all entitlement changes through integration with enterprise-wide access enforcement and user provisioning infrastructure
  
• Determine whether policy and control objectives have been met and provide evidence of compliance
  
• Establish a system of record for access compliance

With Aveksa Compliance Manager, the IT security and compliance team is able to get enterprise-wide entitlements and roles under a consistent, automated and unified framework, while providing the necessary evidence for compliance audits and auditors, ensuring that business managers are accountable for and enabled to make access rights decisions.

• Secure, automated collection — A discovery and aggregation mechanism designed for fast deployment acquires identity, entitlement and role information together with associated metadata from enterprise infrastructure and applications. This information is normalized producing a unified view that is complete and correlated across users, entitlements, roles and resources.
• Automated access certifications — IT security and compliance teams can create customizable workflows for business users to review and certify user entitlements and roles. Reviews are easy to understand and tailored to the needs of the business. The closed-loop workflow ensures accountability and auditability.
• Reporting — Ad hoc reporting, together with an extensive set of built-in reports, delivers detailed, summary analyses of users, applications, entitlements, roles and compliance status.
• Controls automation— Easy-to-use business rules enable security and compliance policies associated with identities, entitlements, roles and certifications to be tested or automatically enforced. Segregation of duties (SOD) rules can be enforced across a heterogeneous environment that includes ERP, mainframe, midrange, client-server and web applications.
• Integration with identity management — The remediation of user entitlement and roles is supported across the enterprise through integration with an organization’s existing access enforcement and user provisioning infrastructure.