Knowledge | News | Careers | Contact us

Our disciplines

Identity & access management

Haven’t we met before? Our identity & access management services assist organisations with the systematic application of business and supporting infrastructures to manage identities across the enterprise, enhancing security and increasing business efficiency.

Businesses rely on a set of critical processes to deliver services to their clients, with access to these business services driven by identity. Businesses need to be sure that the parties to a business transaction are who they claim to be and are authorised to perform those transactions.  Organisations challenged by identity and access management commonly have:

  • business processes that have evolved to meet specific organisational needs at specific times leading to non-standard, independently managed technology solutions and multiple identities across the organisation;
  • ad-hoc or fragmented identity management approaches across different domains leading to interoperability complications and unclear ownership of identity; and
  • increased security risk, privacy compliance risk and inefficiency of business operations.

An effective Enterprise Identity Management Capability (EIMC), when treated as a lifecycle rather than a project, is a prerequisite for building real value services and if well designed can address security, privacy and business inefficiency across the organisation.

stratsec assists clients with establishing effective identity and access management capabilities through a strategic approach that is aligned with the business objectives of the organisation.  The stratsec approach guides an organisation through consideration of three important aspects for delivery of any identity and access management capability:

  • Governance. Establishing the strategic direction and alignment, understanding risk, and defining policies, procedures, standards, and roles and responsibilities for the EIMC.
  • Assurance. Providing assurance that the EIMC in the business environment continue to be effective in meeting the business need, and are implemented in accordance with established policies and standards.
  • Capability. Designing, deploying and operating an EIMC appropriate for the risk profile of the organisation that are compliant with the defined standards, whilst implementing and maintaining established policies, standards and procedures.
Through this strategic approach clients can then develop requirements specifications to procure or implement an EIMC aligned with their business objectives and unique operational environment.