Secure IAM Launch. Benefits - Step by Step

In the following, we describe how you can launch your access management tamper-proof and step by step.

Every step leads directly to a benefit considering process optimization and compliance. Quite apart the increased security of your business applications.

The following chart explains the progressively model and shows what components of ORG support the single steps.

1. Deduction of the authorization model

  • MaRisk AT 7.2: Allocation of necessary IT authorizations
  • MaRisk AT 4.3.1: Segregation of Duties (SoD)
  • BSI Grundschutz M 2.31: Documentation of assigned IT authorizations

2. Tamper-proof workflow of assignment

  • BSI Grundschutz M 2.8: Allocation of authorizations
  • MaRisk AT 7.2: Processes for an appropriate IT authorization assignment (4 eyes principle)
  • User-Help-Desk- and self-service-Option

3. Semi-automated assignment of permissions

  • COBIT DS 5.3: Compliant access rights
  • BDSG §9: Access authorization only for authorized users
  • Reduction of failure by semi-automation

4. Automated assignment of permissions

  • COBIT DS 5.3: Compliant access rights
  • BDSG §9: Access authorization only for authorized users
  • Elimination of failure by automation

5. Regularly audits and re-certification

  • MaRisk AT 4.3.1: Regularly audits of IT authorizations and segregation of duties (SoD)
  • COBIT DS 5.4: Regularly assignment of all IT authorizations
  • IGA Lifecycle (Identity Governance and Administration)

After the deduction of the authorization model and its rules, the tamper-proof workflow of assignments can be designed.

The gradual connection of business applications raises the efficiency and eliminates manual sources for failure since no human administrator is longer necessary for the assignment of user rights.

The highest level is reached when regular checks of the assigned permissions are performed. Using our progressively model, you have your permanent authorization management under control.

We would like to assist you with step 1 to 5 and look forward to your inquiries.

"FSP ORG is one of the products that appear to be a 'hidden secret' in the market."

Martin Kuppinger, KuppingerCole

Kuppinger Cole Report: Executive View

ORG Highlights

  • tamper and audit proof through transparency and historization
  • fail-safe through replication process
  • illustration of complex and technical rules
  • RBAC and ABAC
  • federation (propagate authenticated identities)
  • segregation of duties
  • Single Point of Administration & Control
  • cross-platform
  • simple to integrate
  • web based