Contact Jobs
Language
English
Make an appointment
Make an appointment
Menu
Sluiten
Menu
Sluiten
Menu
Sluiten
Language
English

How to get rid of audit findings quickly?

As a result of our IGA project, we have interviewed Steven Schulein, Head of Generic IT, in our Grabowsky Safe Zone. In the interview he will explain how he strengthened NIBC’s Identity & Access Management. 

 

NIBC Thumbnail

Identity and Access Management audit findings

NIBC is a bank that focuses on mid-size organizations and retailers in the Netherlands, Belgium, England and Germany. After NIBC emerged from the 2008 financial crisis without government support, the bank has reinvented itself into “a flexible bank that can act quickly, with a ‘THINK YES’ mindset and an equally strong ‘can do’ attitude.” This ‘THINK YES’ mindset was certainly applicable to the Identity Governance & Administration project that Grabowsky has realized together with NIBC.

We were faced with the challenge of resolving the audit findings concerning their Identity and Access Management, within a tight period of three months. In addition to training the people and improving the business processes, NIBC has opted for SailPoint IdentityNow, an Identity Governance & Administration solution in the cloud. A seamless fit considering NIBC’s cloud-first strategy.

Characteristics NIBC
  • Target group: NIBC focuses on midsize companies
  • Customers: Approximately 600 mid-sized organizations and 400,000 retail customers
  • Role Management: Factor 5 more roles than employees
  • Goal: Solve audit findings quickly
  • Technology: SailPoint IdentityNow
The challenge

What was your challenge? Why did you start an Identity Governance and Administration (IGA) project?

We had a number of audit findings that surfaced in the field of Identity & Access Management. In particular, not being in control of the joiner, mover, leaver process. A rectification process that did not go well. And a role model that had become far too complex.

Rolbeheer

 

"A factor 5 more roles than employees"

The solution

What was the desired result that you had in mind?

The main purpose was to resolve the audit findings. In which the most important aspect was that the recertification should be simple and understandable for the business owners. And, that we would have an efficient and good (IAM) process.

compliance-1

 

"The main goal was to resolve the audit findings"

Why did you choose SailPoint IdentityNow as your Identity Governance solution?

Based on an architecture principle, we have a SaaS-first (Cloud-first) strategy. So, we only looked at the better IGA SaaS solutions that support this. SailPoint IdentityNow came up as the IGA-leader and it suited our IAM-requirements.

The result

How did Grabowsky help you and how is Grabowsky helping you now? 

We already had a collaboration with you for our CyberArk, Privileged Access Management, solution. I think Grabowsky is a very good partner to work with together. You initially did this within the project as a technical implementation partner. Now we will follow up on that with the support on SailPoint IdentityNow and the Identity & Governance Administration process. And also, we are shaping together the vision for the entire field of Identity & Access Management and beyond.

The most important lesson

What is the most important lesson you have learned about this journey?

I think the most important lesson in hindsight is that doing an IGA process is very effective, but it does not solve the entire domain of Identity & Access Management. We also have to take steps in other areas. And we are now going to solve this challenge together by establishing the vision.

think big act small

 

"Think big, act small"

 

What advice would you give to other organizations that also want to regain control of their digital security?

At an earlier stage I would work with a party like Grabowsky. To give a good idea of how to scope and manage the entire domain of Identity & Access Management at the start of an IGA project. It is important to create a vision of Identity & Access Management with the logic of Think Big Act Small.

Grabowsky Consultant

Are you also facing a Digital Identity challenge?

Let us know what your question or problem is. We will be happy to discuss it with you to clarify your question, think about the smart plan and select the appropriate technology solution.