Overview

Audit

Tax

Advisory

Corporate Finance

Restructuring

Forensic

Risk Advisory Services

Transaction Services

Identity and Access Management (IAM) Advisory Services

Identity Management is not just hype, nor is it a new phenomenon. Access control applications have been in use for several decades and are embedded in many organisations’ infrastructure, but they are becoming increasingly difficult to manage.

In a typical business environment today, organisations manage thousands of users, who may have access to hundreds of applications which in turn means that there are potentially hundreds of thousands of possible authorisations (access rights and permissions within an application) that need maintaining. This leads to the question – “How do you manage and control who has access to what in an efficient and effective way?”

This is a complex question and one which KPMG has helped many organisations answer. While there are core similarities between organisations, the initial answer is that this needs to be different for every organisation, as every business has different requirements, different priorities and also different business processes in place.

KPMG helps organisations to understand exactly what they require from IAM. IAM is not just technology; it requires key business involvement in order for it to be a success.  We advise clients on the most effective way of progressing to ensure that what is proposed can be implemented in an efficient and effective manner. Our people have strong vendor implementation experience as well as detailed business knowledge.

IAM typically combines five distinct areas:

• User Management - activities aimed at managing a user’s entire life-cycle (entering employment, job change, leaving employment)
• Authentication Management - activities aimed at managing the means of authentication (passwords, tokens, etc.)
• Authorisation Management - activities aimed at managing user Authorisations 
• Provisioning - (manual and/or automated) propagation of user and Authorisation data to disparate resources.
• Monitoring and Audit - logging, (continuous and advanced) auditing and reporting

The management of access is becoming evermore complex, and increasing corporate governance requires effective monitoring and management of the authorisation process. These two factors have led many organisations to look at deploying improved IAM systems with varying levels of success

The deployment of IAM systems is complex and needs to have its foundation based on effective business processes. KPMG can help to ensure that this is in place prior to deploying any system.

A lot of organisations are now on their second or third attempt at achieving good IAM due to mistakes being made in the planning, selection and implementation. The IAM professionals within KPMG have vast experience of the pitfalls which exist and can help to steer you round these. This experience has been gained by being heavily involved in the industry and being actively involved in successful IAM programmes.

KPMG can help you to accomplish effective and efficient IAM first time.

For further information about our services, or if you would like one of our professionals to contact you, please .