        |
|
Roles provide a powerful abstraction that simplifies access change management, enables easier validation of compliance controls and ultimately reduces business risk by providing a preventative access control framework. However, most companies struggle with role definitions and mapping to information resource entitlements and users. It is a challenge for organizations to enable a collaborative process for discovering, designing and optimizing roles; to apply rules that supply the decision support to understand how to deal with out-of-role exceptions or violations; and how to delegate the lifecycle management of roles to business managers to ensure role effectiveness over time.
The Aveksa solution provides a comprehensive, scalable solution for role discovery, engineering and role lifecycle management, enabling organizations to deploy effective roles-based governance that works for the business. Aveksa supports the definition and maintenance of both IT and business roles. Leveraging roles will simplify access certification, compliance reporting as well as the enforcement of Segregation of Duties (SoD) and other regulatory compliance control requirements. In addition, roles can be exported to identity and access management systems to simplify user provisioning process and access enforcement.
The Aveksa Access Governance Platform makes it possible to:
• Model, assess, and analyze roles with a powerful metrics driven approach
• Collaborate in the development of roles with all key stakeholder using configurable
workflow
• Accommodate unique role hierarchy structures based on how the business entity is
structured
• Check policy rules for “what-if” scenario analysis used in role optimization and better
manage out-of-role entitlement situations
• Ensure continuous role lifecycle management by utilizing analytics to monitor role
effectiveness and minimize role proliferation
• Drive responsibility for on-going role management and accountability for certification into the
business with an automated approach
• Provide a full audit trail for all changes and approvals to demonstrate the historical evidence
of compliance
• Integrate the solution with user provisioning systems to add business context to
provisioning roles
Aveksa Role Manager enables organizations to implement a continuous role lifecycle management framework that reflects enterprise-wide business requirements as well as the specific access management operating model of each business unit.