Gartner Magic Quadrant IGA Role Management

Role life cycle management and access governance.

Import, aggregate and correlate user information and entitlements from any platform, database or application.

Import, aggregate and correlate user information from database and flat file imports.

Activity monitoring system of record with full audit trail support.

Certification dashboard to view certification status and historical trending.

Entitlement review reports and role assignment data reports.

FERPA compliance reporting: 99.32, 99.35, 99.38 and 99.62.

NIST 800-53 compliance reporting for: AU-3, AU-6, AU-7 and CA-2.

HIPAA compliance reporting: 164.308, 164.310, and 164.312.

NERC CIP compliance reporting 001 Unusual Access, 003 access certification and 007 Security Management.

PCI DSS compliance reporting of Requirement 2, 3, 6, 7, 8, 9 and 10.

SOX 302, 404 and 802 compliance reporting and audit controls.

Patented analytics engine.

Perform role, entitlement cleanup, modifications, and tune-ups at any time.

Perform access certification revoke at anytime to cleanup access and entitlements.

Perform role and access certification.

Certify role owners and business unit owners.

Role owners, managers or other assigned resources can certify existing access.

Role and entitlement attestation.

Enterprise-class access certification compliance management.

Role and entitlement remediation.

Immediate revocation or batch revocation after a certification audit is complete.

Account attestation and access certification for roles containing account-creation privileges.

Role discovery and mining.

Discover roles and entitlements for any platform, database or application.

Mine and derive role(s) from multiple sources.

Discover orphan accounts through report automation and alerts.

Create and maintain comprehensive identity data model.

Business reporting analytics engine.

Discover entitlements for role based on users that have access to that role.

Specify optional entitlements for a given role.

Risk assessment scoring applied to entitlements with in an IT Store and shopping cart.

Perform role administration.

Perform role approval, expiration and tuning activities at any time without interrupting workflow.

Delegate roles and entitlements at any level.

Map entitlements to HR attributes.

Automate attributes and HR Data feeds to dynamically assign roles.

Automated approval workflow.

Assign role approval workflow for automatic and manual processes.

Assign roles based on HR attributes aligned to a role name.

Explicit role assignment.

Use external source for mappings of user attributes.

Leverage HR data to make decisions about role assignments as well as individual attributes.

Security policy monitoring, of SoD, role vs. actual, terminated users, out of compliance accounts.

One-click out-of-box reports of roles, privileges, identity management and IT audit reviews.

Audit and compliance IT controls of SoD, risks and entitlement violations.

Prohibit privilege requests that violate a SoD rule.

Apply risk scoring to individual entitlements.

Role model support for HR, ERP, enterprise applications.

Include entitlements from any connected system and assign roles based on HR attributes.

Model SoD controls on roles and entitlements.

Provide data for access reconciliation and response to changes made at target systems.

Internal reporting options include one-click defined reports, GUI audit tool and direct SQL connectivity.

Role entitlements and membership reports for business and assignment data.

Risk scoring and reporting associated with entitlements.

White pages/organization chart services for building an org chart.

Build roles from individual privileges and entitlements.

Complete user provisioning help desk ticketing system integration.

Evolve birthright roles and augmenting an IT Store and Shopping Cart as business job functions change.

Enforce concept of Least Privilege.

Detect Segregation of Duty (SoD) violations within and across applications.

Enforce segregation of duties (SoD) policies across multiple system types and privileges.

User ID correlation mapping to user accounts across multiple systems.

Calculates the ROI of self-service, automation and help desk ticketing.

One-click pre-packaged and filterable reports.

Role, rule, policy, SoD historical, tuning analysis analytics and intelligence.

Display role, rule, policy, SoD historical errors and conflicts.

Assign access based on business roles automatically or manually through the GUI and with workflow.

Mine roles on user entitlements by platform, database or application for an unlimited number of systems.

Import via csv files or natively from LDAP directories and cloud based subscription models.

Mine entitlements for a role based on users that have access to that role.

Mine entitlements for a role based on individual entitlements and cloud based subscriptions.

Mine and report on business rules and exceptions, like inappropriate access and access different from peers.

Mine entitlements for a role based on user population from directory data to find entitlement data.

Top-down and bottom-up entitlement and role mining report on user and individual entitlements.

Import roles, rules, entitlements and hierarchical attributes from csv extract files.

Define roles based on user entitlement templates and capability to see drill-down to see users similar roles.

Correlate HR attributes with a user's role using multiple directory attributes to define the role.

Identity and access data model supports HR, ERP and enterprise applications with a standard data format.

Custom correlation using web based analytics with SQL scripting.

Audit trail of user access to applications based on entitlement data.

Enforce password security policies within and across applications.