Role Management

Model and maintain business and IT roles. Audit out-of-role entitlements.

Roles provide a powerful abstraction that simplifies access management, enables easier validation of compliance controls and ultimately reduces business risk. However, most companies struggle with role definitions and mapping. It is a challenge for them to create a collaborative process for discovering, improving and maintaining roles; delegating role lifecycle management to business managers; maintaining role effectiveness and dealing with out-of-role entitlements. Effective role management requires tools for modeling, analyzing, maintaining and certifying role definitions and mapping workflow, while enabling collaboration between IT and business managers.

Aveksa 3 provides a comprehensive, scalable solution for role discovery and role lifecycle management, enabling organizations to deploy both effective roles-based access control and roles-based governance. It supports the definition and maintenance of both IT and business roles. These roles simplify compliance reporting, access certifications and the definition and enforcement of segregation of duties (SOD) and other compliance policies. In addition, they may be exported to identity and access management systems to simplify user provisioning or access enforcement.

Aveksa 3 delivers:

• Flexible role modeling to help assess established roles and assist with role definitions and mapping of new ones
• Role lifecycle management with support for delegation to line-of-business managers  
• Automated role administration to make business managers accountable for the review and modification of role contents and membership
• Proactive testing of role assignments to prevent compliance violations such as SOD conflicts
• Closed-loop change auditing
• Reporting and analytics to monitor the usage and effectiveness of roles, and identify and manage out-of-role entitlements
• Enterprise-wide visibility into all relationships between roles, identities and entitlements