Role Management is a system for analysis of access privileges and related risk control. It is based on the RBAC (Role Based Access Control) principles and it provides methods for design of roles, means to control their lifecycle and a periodical privilege certification. Together with Identity Management it represents a complex tool for the administration of access privileges within a company.
For whom is Role Management intended?
Role Management is typically implemented by companies who administer a large number of users and systems, who need to handle of the risks and the related credibility. A classic motivation factor is the need to meet the requirements of SOX compliance. It can easily be implemented in all types of organizations - service businesses, manufacturing businesses or public administration.
In what situations can Role Management help you?
- The requests for modification and addition of access privileges are one of the most common requests the system administrators must process. Implementation of Role Management could significantly reduce the total demand for the administration of user privileges as it enables you to efficiently automate the procedure. Role Management offers powerful tools for analysis and automated role design.
- Every organization wants to protect their data. Therefore, it is necessary to understand who can access certain data and how. The goal is to give the users just the privileges they need for their work. These privileges are then periodically re-certified which leads to a significantly reduced risk of their abuse.
- It is not enough to set the access privileges correctly. You also have to be able to see who performed a change to the privileges or created new privileges, and why. Even here Role Management and its auditing tools can provide correct information.