In most organizations, data about what entitlements users have exists solely inside individual systems and applications. This makes it difficult for auditors to answer simple questions, such as:

• Who has this security entitlement?
• What entitlements does this user have?
• When did this user acquire this entitlement?
• Who authorized this entitlement?

When these questions are hard to answer, they are rarely asked. This weakens internal controls.

• Access Certifier includes an auto-discovery engine which regularly lists user and entitlement data from every integrated system.
• The internal Access Certifier database tracks both current and historical entitlement data.
• The Hitachi ID Management Suite workflow engine can be used to request and approve changes. This creates are record of who and why, not just what and when.
• Built-in reports can answer questions about entitlements, including:
  • Who has this entitlement?
  • What entitlements does this user have?
  • When did this user acquire this entitlement?
  • Who authorized this entitlement?
  • What entitlements violate SoD policy and have exceptions been approved?

Access Certifier can be used by organizations to more readily audit entitlements, including change history and policy violations.