Identity & Access Management (IAM)


Complex chains of processes, data and systems, emphasis on accountability

Identity and access management consists of complex processes, datamodels and technique. Furthermore internal and external parties demand accountability of the integrity of transaction chains.

With Grace system transaction chains between staff administration, technical identities and entry means are connected.
All connections with ERP administrations, IAM/IDM suites and provisioning are checked on correct handling of transactions
of the authority of the model (SOLL) to the actual authorities
on the technical platforms.

Grace is able to show differences between transactions with reconciliation techniques.
Grace loads and connects data that is often spread over different systems of the various suppliers and backoffices, of which
the administrations are often situated in different departments and directorates.

GS_IAM1

race system generates innovative realtime reports and analytics and is able to simulate complex company questions on different datasets, and to analyse and report. Grace system differs from classis BI where costly ETL, warehouses and reports are built in linear projects.

How do we do this?

Features

Some of the possibilities for the implementation of Grace system that we can provide as a service:

• Correlation of identities from staff administration and technical identities for detecting orphan accounts and orphan identities

• Datamining on existing authorisations (IST) and comparison with authorisation models (SOLL-IST)

• Rolemining on existing authorisation models for refining and detecting conflict (SOD, fraude)

• 3-way matching, simulation and analysis future impact (SOLL old, SOLL new and current IST)

• Checking syntax of NIST standards and various authorisation models (RBAC, ABAC, PBAC)

• Generating bulk processing , cleaning, and mutations

• Reports and exception reports up to record level, virtual browsing of transaction chains

• Validation multiple company regulations across transaction environments with Grace engine

• Views for export to excel, CSV and to industrial platforms AD, IBM, HP, Oracle


Benefits

All operations from checks up to and including generating reports and import documents are:

• Repeatable over the OTAP street for a valid result

• Controllable because analysis on datasets is done independently of existing processes, data and techniques

• Verifiable because data and analysis remain available in the warehouse throughout the process, so choices are traceable

• Grace system contains standard checks for various queries such as ERP, RBAC

• Grace system contains standard views for complex delta calculations on multiple compound data collections

• Short processing time and less demand on resources because there is no necessity to build complex made-to-measure spreadsheet models and conversion tools

• Emphasis on checking and analysis of authorisation models instead of data conversion

• Comply with specific compliancy demands such as, Wft, Wbp, SOX, ISO and Cobit

Monitoring and auditing reconciliation techniques

The systems loads and analyses the correlation and composition of persons, identities, authorities and other relevant transactions, such as service calls and logging, to gain insight into the integrity of IAM processes and IAM transaction chains.

For putting together and refining new authorisation models the system searches for patterns and deviations between authorisations and HR administration, and the viability can be made clear via browsing and reports on record level.

For this, techniques such as orphan analysis, rolemining and reconciliation are applied in order to control and speed up analysis, checks, (re)design, migration and implementation of complex projects around identities and authorisations

With this it is possible to be visibly in control for specific compliancy demands such as Wft, Wbp, SOX, ISO and Cobit.

Grace accelerates GCR: a substantial innovation in technique
and control.


Grace System accelerates GCR

The power of Grace lies in the recognition of patterns through innovative datamining algorhythms, the visualisation and design of data structures and various quantitative and qualitative analyses.

GS_IAM3

Grace System consists of different modules for support with all sorts of organisational demands, depending on the characteristics of the data.

GS_IAM4

Modules

• Data Discovery

• Orphan Discovery

• Correlation Discovery

• Correlation Analysis

• Data Mining

• Cluster Analysis

• A-priori (Basket) Analysis

• Rules Engine