Skip to main content

Lack of Accountability - Hitachi ID Access Certifier

Business Challenge

In many organizations, users move between projects, departments and locations. As this happens, users acquire new access rights but rarely relinquish old ones.

To meet regulatory requirements, organizations often must attest to the relevancy of sensitive entitlements: should user X have entitlement Y? Who authorized that assignment? When was the entitlement last reviewed and approved? These questions form a trail of accountability.

Hitachi ID Access Certifier Solution
  • Even in organizations where no record is kept of how a user first came to have a entitlement, Access Certifier can be used to invite relevant stake-holders to review and recertify user rights.
  • Access Certifier works by sending managers, application owners and data owners invitations to review lists of users and their entitlements.
  • Certifiers review and either accept or reject each of the the entitlements in a list they are shown.
  • At the end of a certification round, there is a clear record of who approved each remaining entitlement.

Access Certifier creates accountability for access rights, even where original records are unavailable.

page top page top