Identity and Access Management (IAM) is a framework of policies and high standard technologies built to ensure organizational users are granted the appropriate access to resources. Many factors come in play to make this process successful. Attestation and reconciliation are on the list of requirements.
Attestation is a familiar term when it comes to approval and/or providing evidence that something is true. In access Identity management, attestation is an ongoing review and confirmation process that helps organizations reduce risk by granting users the right access to systems and applications, evaluating the risk associated with that access and reviewing access deemed as risky or inappropriate.
Attestation is not only a good business practice, but required for all sorts of restrictive and compliance reasons.
By definition, reconciliation is the process of verifying consistency and compatibility. Across different access control systems. Failure of addressing access issues often creates high levels of corporate risk and exposes the organization to compliance risk, especially when duplicate instances of the same record exist, or records with orphan unique identifiers, i.e. employee ID or social security number, exist. Then manual fixes take place to eliminate these data quality issues to avoid risk exposure. The labor involved cost the organization a significant amount of hours and work. Automating this with IAM eliminates IT intervention as all verifications and access validation is done automatically, based on specific elements previous designated. If we look at the life cycle of a user, once a new hire request is placed, a user is created and provided with initial access at hire date. Down the road, if the user is promoted different access is granted. This can be done automatically by adding the user to the right group. IAM handles the access rules and grants once the manager approves the request.
In a large environment where thousands of changes are made to user accounts on a daily basis, it is hard to track down events. Who has access to what and who granted the access? This is not an issue with IAM as it allows mapping business process to identity processes, and provides a unified view of the physical identity by providing the ability to match identity records from multiple databases and identify multiple records across data sources.
IAM fully integrates reconciliation and attestation processes to increase accountability. It runs in real time and achieves accuracy and dramatically reduces the time and cost associated with manual intervention.