SmartAIM differentiates from most other access governance solutions not only by its functionality and features, but most of all by its overall design. SmartAIM is a relatively new solution, developed since 2009, benefiting from the experience gained during many bespoke IAG projects implemented by its founders.). This industry IAG implementation experience has allowed the design of an easy-to-use off-the-shelf solution that seamlessly integrates the innovative insights gained at many customer sites into one fully integrated off-the-shelf product for Hospitals and eHealth organisations..
SmartAIM is a lean and mean “off-the-shelf” access governance solution specially designed to meet the requirements of Health organisations, that has proven itself at numerous customer Hospital sites. A Proof of Concept (SmartAIM “AuditBox”) can be set up in a matter of just a couple of weeks.
The SmartAIM Identity Manager consists of a web portal with connector(s) to your HR system and your other ID sources. It typically runs inside your organization's intranet, or in a DMZ, and from there is available to your staff: administrators and management, employees, consultants as well as external users (for cloud usage SmartAIM is multi-tenanted with delegation provided). A RESTful web API is also in development).
The SmartAIM Provision module provides the connectors between the SmartAIM portal and your systems (= "(de)provisioning" of apps/AD). With this module, accounts and authorizations are automatically created or deleted in these systems. The different types of connectors are, if so desired, self-configurable: (a) simple LDAP directories such as AD and eDIR; (b) database links such as JDBC and XML; (c) file links and (d) semi-manual "work order" links.
The SmartAIM Workorder module, for use with legacy systems such as SAP and IBM, includes all functionality for authorisation management using "work order" controlled processes. For each system administrator (e-mail supported) SmartAIM tasks automatically appear in their account. By reading out the IST ("as is") situation of the legacy system SmartAIM verifies the proper execution of the work orders.
The SmartAIM AuditBox module provides three types of reports: (a) account auditing, (b) authorisations auditing and (c) rule based auditing. With account auditing anomalies of the account settings in comparison with the HR system are uncovered (HR <-> IST). With authorization auditing one can see at a glance whether SOLL ("as should be") and IST effectively match (SOLL <-> IST). With rule based auditing rules can be composed (e.g. Separation of Duties rules) and then be checked for violations. These rules can also automatically take effect when assigning rights and roles, so that the SOLL is always compliant with the rules.
Your organisation is in control and informed at all times, not just at the time of the annual audit.
Furthermore the detection in AD of superfluously paid license rights (e.g. MicrosoftTM "CALs") due to non-existing users can often result in very significant payback effects.
As a Proof of Concept the SmartAIM AuditBox can typically be installed in one man week (including installation, configuration and training) by a SmartAIM certified partner, so that the three types of standard audit can be performed. This will provide you with a clear view on the risks that your organization is exposed to and allowing you to gain hands-on experience in using SmartAIM exceptionally fast.