Facilitating compliance with regulatory requirements or internal security policies is one of the principal drivers for Identity Governance. OpenIAM provides a number of tools to help organizations meet compliance mandates. Organizations deploying OpenIAM automat a variety of operations and in some cases, these operations also utilize workflow-based approval steps. Associated with each of these operations are detailed audit logs which help organizations determine the following fundamental questions:
- What access does a person have?
- When were they granted these privileges?
- How or why were they granted these privileges?
In addition to access information, OpenIAM audit logs also track details related to authentications, password changes, life cycle status changes, system configuration changes and more. The information in these logs, combined with the out of the box reports, and on-demand self-service tools, organizations can achieve the following:
- Provide the auditors with the evidence of compliance
- Proactively review, detect and revoke inappropriate access
- Review access privileges before granting additional privileges.
- Centralized review and certification of access cross both on-premise and cloud applications.