Avitek Retail has put some controls in place to prepare them for their Identity Audit. Automated self service and closed loop identity certification will help them in cost effectively meeting their Audit requirements. These controls are enabled by the converged Oracle Identity Governance Platform.
David one of the managers is assigned a task to review application access granted to employees in his department. David will log into the Identity Governance console and start the access review process. David will then notice that the risk engine has flagged Joe (Joseph) the System Administrator as a high risk user. Joe has been directly assigned the payables application privilege; this privilege would allow him to approve payment to Avitek’s suppliers and vendors. There is no reason why Joe the System Administrator should have this access. David will revoke this access from Joe’s account, review the access of the remaining users and sign off on the access review campaign.
As soon as David sign’s off on this certification campaign closed loop remediation will kick in and the privilege to approve payment to Avitek’s suppliers and vendors will be automatically revoked from Joe’s account. David can track the status of this remediation action from the certification dashboard.
Avitek’s auditors can also log into this console to view the reports on what access each user had, who reviewed that access and when did they review that access
