Skip to main content

Compliance IAM

  • Automated employee and authorization management processes
  • Comprehensive reporting
  • Self-service for employees
  learn more

Compliance IAM

The number of regulations and requirements placed on financial institutions is enormous and highly demanding.  As a whole, they range from the Federal Data Protection Act to the MaRisk requirements of the Federal Financial Supervisory Authority (BaFin) and the corresponding requirements of the Financial Market Supervisory Authority in Switzerland (FINMA), the Financial Market Supervisory Authority (FMA) in Austria, and the Financial Market Authority in Liechtenstein (FMA). Among other, these include checks on IT system access authorisations, whose relevance to the financial sector can hardly be overstated. Financial institutions must verify said IT authorisations on a regular basis, and define a process for the assignment thereof. Furthermore, it must be ensured that employees only have the rights that they are entitled to according to their respective activity and function within the company.

Challange

The challenge of authorisation verification

In day-to-day work, checking of and strict compliance with these requirements presents a serious challenge. Therefore, companies require effective tools to support all aspects of user and authorisation management.

  • Continuous checking of access authorisations and IT authorisations and enforcing the "need-to-know" principle
  • Preventing authorisation abuse or misallocation
  • Proof of a complete application system for authorisations
  • Involvement of specialist departments in the authorisation re-certification process

Use

Quickly deployed: With IPG's Compliance IAM solution, you can automate the most important authorisation checks within 3-5 months and meet the compliance requirements of regulatory authorities.

Modular design: The Compliance IAM solution can be upgraded to a fully-fledged IAM at any time. The full version offers automation of all employee and authorisation management processes, even more comprehensive reporting and a portal with self-service for employees.

Upon request, you can enjoy Compliance IAM as a fully-managed service at fixed monthly costs. IPG installs, configures and operates the solution in the customer environment according to customer-specific specifications. Of course, conventional on-premise delivery is also possible.

Features

IPG's Compliance IAM solution offers out-of-the-box all necessary functions to meet compliance requirements based on the functionality of a standard IAM solution.

Reporting

  • Authorisation analysis
  • Time Trace (analysis of rights over time)
  • Analysis of authorisation sources (roles, purchase orders,...)

Segregation of Duties (SoD) & corporate policy

  • Rule definition for sensitive authorisations or import of existing rule sets
  • Definition of mitigation processes (e.g., exceptions, notifications, etc.)
  • Establishment of preventive and detective controls

Certification and re-certification

  • Certification of status or status change
  • Re-certification: forced time attestation including specific and focused reports on escalation operations

Corporate policy enforcement

  • Employee-related review of corporate policies (compliance)
  • Control of non-employee-centric corporate policies
  • Corporate policies for all Identity Management objects (source systems, target systems, roles and authorisations)
  • Integrated reporting as e-mail, ad hoc analyses, overviews and reports that can be subscribed to

Central portal

  • Information about editing and auditing corporate policies
  • Processing of policy exceptions (escalations)
  • Control of the corporate policy compliance

Solution

Solution strategy

The Compliance IAM solution is designed for the re-certification of employee authorisations. For this purpose, IAM standard software is installed on the relevant authorisation systems with reading access. Thanks to the interface to the personnel system, personal data are linked to the account information of the authorisation systems. In this way, authorisations that have been actually assigned can be read out and checked in re-certification workflows. Changes are transferred directly from the workflow to the system administrators or to an IT service management system, until systems - via subsequent expansion steps (not absolutely necessary) - are also connected with write-permissions for changes to be automatically provisioned.

Our Services

As a managed service, we provide the solution in the customer environment. Requirements and general conditions are recorded in workshops and documented by our consultants. This is done on the basis of standard procedure plans and documents, and followed by implementation and customer training shortly before handover. Subsequently, the IPG Operation Centre operates the solution according to the defined SLA's.

Publications on the subject compliance

Penelope Baio - Sales Manager Switzerland
Penelope Baio
Sales Manager Switzerland


+41 78 208 81 41

Platzhalter-Person - Placeholder Expert
Platzhalter-Person
Placeholder Expert


081 750 67 83

Otto Mustermeier
IAM Advanced DE


Hanna Mustermüller
IAM Advisory DE


Mike Elfner - Head of Business Consulting Germany
Mike Elfner
Head of Business Consulting Germany


+41 79 203 26 77

Martin Muster
Placeholder


+41 123 45 67

Arne Vodegel - Service Manager Germany
Arne Vodegel
Service Manager Germany


+49 170 908 04 32

Jan Johannsen - Sales Manager Germany
Jan Johannsen
Sales Manager Germany


+49 170 90 80 876

Achim Stolz - Senior Business Consultant
Achim Stolz
Senior Business Consultant


+41 79 954 90 03

Frank Pevestorf - Senior IAM Consultant
Frank Pevestorf
Senior IAM Consultant


+49 175 724 58 98

Joachim Bacoyannis - Business Development Manager
Joachim Bacoyannis
Business Development Manager


+41 79 836 10 95

Marcel Weber - Sales Manager Österreich
Marcel Weber
Sales Manager Österreich


+41 79 907 84 47

Markus Blaha - Sales Manager Austria
Markus Blaha
Sales Manager Austria


+43 676 734 23 00

Christian Rückert - Sales Manager Germany
Christian Rückert
Sales Manager Germany


+49 170 908 0353

Joachim Bacoyannis - Business Development
Joachim Bacoyannis
Business Development


+41 79 836 10 95