The process to prepare and complete each Quarterly Access Certification for the ~7,000 reviewers at a US-subsidiary of a global insurance company required an average of 85 days. Most exceptions were in the process of remediation the next quarter when initiating the subsequent review cycle.
The combined solution of revised business processes and new tools eliminated 100% of their manual information collection effort as well as delivered a fully-automated and scheduled release in support of the various audit and compliance certifications.
Additionally, the company dramatically increased the quality of the access certifications for by applying business-friendly terminology and focusing on privileged, sensitive or restricted access.
Major global energy company with ~250,000 employees and contractors worldwide routinely hires thousands of new resources each year. Following completion of on-boarding process, the company systems assign access permissions in minutes to the new hires based on a combination of employment attributes and automated approval workflows.
The new processes save the company millions in lost productivity as well as increase security controls and address compliance requirements by immediately revoking access when resources are terminated.
Regional utility company reduced security risk and increased compliance with NERC CIP by deploying new processes and controls over both physical and cyber access assigned to their internal and third-party workforce. Integrated solution addresses Access Certifications of CIP-designated access, weekly employment verification process for third-party workforce, job-based automated access assignment and removal, real-time alerts and reports for anomalous conditions, and visibility to all access assignment for all resources including transient devices.