IBM Security Identity Governance and Intelligence (IGI) provides functionality to cover enterprise user lifecycle management, including access risk assessment and mitigation using business-driven identity governance and end-to-end user lifecycle management. IGI helps organizations mitigate access risks and access policy violations by using intelligence driven, business-driven identity governance integrated with end-to-end user lifecycle management.

IBM Security Identity Governance and Intelligence offers:

  • An identity governance platform that lets IT managers, auditors and business owners govern access and ensure regulatory compliance
  • A business-activity-based approach to facilitate communication between auditors and IT staff and to help determine segregation of duties violations across enterprise applications, including SAP.
  • Better visibility and user access control through consolidating access entitlements from target applications and employing sophisticated algorithms for role mining, modeling and optimization.
  • User lifecycle management including provisioning and workflow capabilities, along with integration with IBM Security Identity Manager and third-party tools.

Screen Shot 2017-07-24 at 2.57.31 PM

IBM Security Identity Governance and Intelligence

  • Enables IT managers, auditors and business owners to govern access and evaluate regulatory compliance across enterprise applications and services using business activities
  • Provides analytics and reporting to gain deeper insight into users, roles and entitlements to help meet compliance requirements
  • Helps IT managers and auditors define segregation of duties policies and remediate violations
  • Automates the access review and recertification process required for compliance

A business-activity based approach

  • Models segregation of duties violations derived from business activities, rather than relying on roles
  • Reduces the number or rules needed to manage “toxic combinations”
  • Simplifies the implementation and ongoing access review processes
  • Includes SAP-specific segregation of duties support to extend the enterprise segregation of duties functions

Better visibility and user access control

  • Allows translation of complex entitlements into easy to understand business language
  • Allows for role definition to be completed using both a top-down and bottom-up approach
  • Consolidates access entitlements from enterprise applications into a central repository

User lifecycle management

  • Includes capabilities such as provisioning and workflow management
  • Integrates natively with IBM Security Identity Manager
  • Allows sharing of data about users, applications and entitlements
  • Applies a consolidated approach to identity and access governance operations
  • Provisioning native adapters for SAP R/3 (Java Connector libraries), SAP HR (IDoc files), Lightweight Directory Access Protocol (LDAP) directories, Microsoft Windows Active Directory, Java Database Connectivity (JDBC), comma-separated value (CSV) files, XML and more