|
The continued emergence of new regulations has made regulatory compliance a critical issue for senior management at all organizations, regardless of size, industry or location. The increased complexity of today’s interconnected IT systems mean that many different types of systems need to be audited for compliance purposes. Unfortunately, many of the processes used to examine these IT systems are manual and labor intensive, resulting in high administrative overhead and costs.
CA Security Compliance Manager was designed to help improve and automate the processes associated with verifying and validating compliance for different IT systems. CA Security Compliance Manager delivers a process-centric platform that empowers your organization to automate existing compliance processes such as access reviews, user entitlements, and orphan accounts, thus making the overall evaluation and remediation of IT risk more efficient and manageable.
CA Security Compliance Manager can also identify exceptions and notify the appropriate change management systems to initiate remediation and validate that the requested remediation was completed, thus delivering a closed loop continuous process for ongoing IT risk and compliance management.
COMPLIANCE DASHBOARDS CA Security Compliance Manager can generate and automatically distribute reports to answer your critical identity compliance questions such as:
- Who has access to what?
- Who can do what?
- Who approved what?
CA Security Compliance Manager can also manage ongoing processes of recertification associated with any of these processes.
CENTRALIZED IDENTITY COMPLIANCE WAREHOUSE The core of CA Security Compliance Manager is a highly flexible data warehouse that stores any and all relevant information required for compliance purposes. This repository is easily configurable and can scale to meet your growing organizational compliance demands. The warehouse can store all changes to any given record over time, enabling administrators and auditors to know exactly when a change has occurred.
EXCEPTION REMEDIATION AND VALIDATION CA Security Compliance Manager can commence the remediation process immediately through notification to a change management system, such as CA Service Desk. CA Security Compliance Manager can also validate that a remediation fix was applied during its next testing cycle and escalate items to the appropriate manager if the requested change has not been applied.
CHANGE CERTIFICATION AND ATTESTATION CA Security Compliance Manager can monitor all changes on any record in the compliance warehouse down to the attribute level. Once a change is identified, CA Security Compliance Manager can immediately commence the certification process, thus ensuring that changes are monitored and approved dynamically. CA Security Compliance Manager also provides attestation including a complete audit trail that enables your organization to view changes over a period of time.
USER ENTITLEMENTS CERTIFICATION CA Security Compliance Manager can be deployed to address the highly labor intensive and manual process of certifying entitlements for individual users or groups of users.
EASE OF DEPLOYMENT CA Security Compliance Manager is simple to deploy and can accommodate any organization’s structure and existing compliance processes. CA Security Compliance Manager also includes a training mode that delivers full product functionality with a complete test database, thus enabling users and administrators to test and learn the product quickly and simply.
INTEGRATION WITH IAM COMPONENTS For customers with existing CA solutions, CA Security Compliance Manager leverages these existing CA investments by delivering integration with a variety of CA solutions, including CA Identity Manager, CA Governance, Risk & Compliance Manager, CA Service Desk, and CA Mainframe products.
The benefits of a centralized process-centric platform for security compliance include: reduced administrative costs, risk reduction and enhanced regulatory compliance.
An investment in CA Security Compliance Manager often can be financially justified simply from the automation of email and spreadsheet based manual compliance processes, such as entitlement reviews, user access reviews, privileged access reviews and orphan accounts. CA Security Compliance Manager provides all layers of management with robust visibility into the current status of compliance processes with dashboards showing current compliance process status.
By storing all access review and entitlement decisions in a centralized place and managing the processes behind these decisions on a continual basis, CA Security Compliance Manager reduces the current improvised methods used for identity compliance purposes and strengthens your organization’s overall compliance posture.
CA Security Compliance Manager further streamlines security compliance processes through automatic initiation of remediation processes into change management systems, such as a help desk or other identity and access management component. Doing so helps close compliance gaps more quickly and reduces the risk of unwanted issues, such as an orphan account persisting for an extended period of time.
CA Security Compliance Manager is highly configurable and can complement any existing security infrastructure. Because its architecture does not contain agents, CA Security Compliance Manager can collect, correlate and create compliance reports for all kinds of IT systems — from mainframe to CA Identity Manager to homegrown applications. CA Security Compliance Manager helps ensure that users and entitlements are properly managed and that IT systems are kept under control — all the components required to meet government regulations such as SOX, HIPAA and EU Privacy Directive.
|
