The continuous emergence of new security regulations and legislation makes governance of user access privileges a critical issue for senior business managers in all organizations, regardless of size and industry sector.

While governance policies must be in place to secure compliance with Sarbanes-Oxley, EuroSox, HIPAA, Basel II, and other statutory initiatives/standards at the time of granting the user privilege, the attestation process makes sure that the organization remains compliant over time and continues to meet security audits successfully.

Omada Compliance Attestation Manager delivers an enterprise-ready attestation solution for CIO’s, security officers, internal auditors, and business managers. The Attestation Manager automates the attestation process from the creation of attestation surveys to generation of compliance attestation reports - making security audits faster, more accurate, and less cost-intensive.

Omada Compliance Attestation Manager supports Omada's vision to help organizations govern enterprise IT systems more efficiently, while minimizing risk and achieving successful security audits.

Omada Compliance Attestation Manager is both available for organizations running their Omada Identity Management enterprise solution based on Microsoft Identity Lifecycle Manager 2007, and for beta customers implementing Microsoft Forefront Identity Manager 2010.

Security Audits - Business Challenges

Periodic audits of user permissions and access rights often don’t exist in organizations, mainly because it is time-consuming to collect and collate data from the many connected systems in the enterprise environment.

Access requests that are never attested increase the risk of security breaches and failed audits significantly. Organizations that perform attestations based on outdated and manual paper-based processes find that the number of hours spent preparing for security audits is escalating.  

Without an efficient process in place, fulfilling the requirements of compliance regulations by creating attestation reports that clarify “who has access to what, when, and why” becomes very expensive.  

Omada Compliance Attestation Manager - Business Benefits

With Omada Compliance Attestation Manager, you can:

        •       Facilitate requirement fulfillment for compliance regulations
        •       Make security audits faster and less cost-intensive
        •       Automate the task of preparing for a security audit
        •       Perform ad hoc audits and regular security audits
        •       Reduce the time spent collecting attestations
        •       Increase the quality of attestation reviews
        •       Automate identification and removal of inappropriate access permissions
        •       Strengthen the security of an attestation review by using a role based access model to review reports

Omada Compliance Attestation Manager - Features

Omada Compliance Attestation Manager includes:

Flexible and Secure Management of Attestation Surveys
        •      Choice of scheduled, recurring, or ad-hoc attestations
        •      Role based access security model
        •      Distribution of attestation to line of business managers
        •      Delegation of attestation to system owners
        •      Customization to meet individual business needs

Choice of Attestation Types
        •      Attestation of all user permissions
        •      Attestation of compliance with Segregation of Duties (SoD) policies
        •      Attestation of financially significant permissions 

Attestation Reports
        •      Generation of immutable attestation audit reports (PDF)
        •      Drill-down functionality
        •      Report on user permissions for all connected systems

Survey Progress Monitoring
        •      Management dashboard for an easy overview of the attestation progress
        •      Process for managing incomplete responses from managers or system owners