A Success Story Introducing User Access Management for an Energy Trading Company
- Background and Motivation for introducing User Access Management
- Project challenges
- Critical success factors
- Obstacles and how to overcome them
- Recommendations and Lessons learned
IAM Governance Outside IT
For organizations that are under strong governance control and dealing with sensitive information on a daily basis, it is essential to know who has access to which data. One of the most important topics is to know this along the business process. Before granting access to data or applications there must be done several reviews to assure compliance. In the classical approach this is done in the organization manly with paperwork and organizational processes and ends then in the IT process.
The approach is now to do this by a central system before any access is granted in the IT system. This ensures traceability, segregation of duties and need to know principle, ordered access has to be checked before any action is taking in the IT system. Building up user friendly interface, online tracking and reporting also for historical data of all access rights towards all different systems without touching target systems is a challenge.