Introduction:

 In any large organization, it is vital to be able to answer questions like “Who has access to What, When, How and Why” in order to comply with stringent regulatory requirements like Sarbanes-Oxley, HIPPA, HSPD-12 etc. This necessitates the existence of some auditing mechanism within the organization.
Attestation, also referred to as recertification, is a key part of the Sarbines-Oxley compliance and is a highly recommended security best practice. Enterprises are meeting these attestation requirements today largely with manual processes based on spreadsheet reports and emails. These manual processes tend to be fragmented, are difficult and expensive to manage and have little data-integrity and auditability.

Amerindia Capabilities:

Amerindia offers a solution in the form of the Oracle Identity Management suite. The services offered range from installation to customization in order to suit your business needs.

Benefits:

Oracle Identity Manager captures both the history and the current state of the provisioning environment. Some of the identity data captured includes user identity profile history, user group membership history, user resources access and fine-grained entitlement history. When combined with the transactional data generated and captured by Oracle Identity Manager’s workflow, policy and reconciliation engines, an enterprise has all the required data to address any identity and access related audit enquiry.

Oracle Identity manager also offers a best-in-class attestation feature that can be deployed quickly to enable an enterprise-wide attestation process that features automatic report generation, delivery and notification. Attestation reviewers can review fine-grained access reports within an interactive user interface that supports fine-grained certify, reject, decline and delegate actions. Reviewer actions can optionally trigger corrective action by configuring Oracle Identity Manager’s workflow engine.