Case Study: FERC & IDM

2
FERC Compliance and Identity Management Using Identity Management technology to automate compliance with FERC regulations Williams Companies (NYSE: WMB) is an integrated natural gas company with interests across the US and abroad. As with many large corporations, managing the movement of people across the company presents serious challenges to their business units and IT staff in safeguarding their IT assets. Williams has been successful in following best practices in business processes and technology to implement IT security controls across their organization. A major factor in the complexity of managing IT security within Williams is the necessity to comply with the mandates of the Federal Energy Regulatory Commission (FERC). Williams chose Partners Consulting for our extensive experience in rationalizing vision and objectives and fusing identity management technology with business processes to solve challenges with regulatory compliance and operational efficiency. Challenges One major challenge is in ensuring accounts are properly managed as they move in and out of regulated and non-regulated business units. To prevent conflicts of interest and opportunity for fraudulent activities, FERC regulations forbid individuals from occupying positions or accessing systems in both business units at the same time. As employees and contractors move across the organization, proper record keeping of transactions and approvals for access granted must be maintained as well as the account histories for each system account assigned to an individual. In the event those users return to an area of the business they once belonged to, the ideal scenario is to re-enable previous accounts. Manual efforts to manage a workforce in this way with thousands of people are typically ineffective. Solution Prior to the transition to an Identity Management system, Williams relied on manual account management and help desk call centers to assist users with routine account management functions. With Partnersassistance, Williams was able to convert their business processes into an automated system and integrate with key systems for automated account management. Williams leveraged Partners to take on the difficult challenge of mapping out the processes that result from changes within their ERP system and how they affect key enterprise systems and network accounts. The team then used those processes as the baseline for optimization and integration to the automated account management system. CASE STUDY

Transcript of Case Study: FERC & IDM

Page 1: Case Study: FERC & IDM

FERC Compliance and Identity Management

Using Identity Management technology to automate compliance with

FERC regulations

Williams Companies (NYSE: WMB) is an integrated natural gas company with

interests across the US and abroad. As with many large corporations,

managing the movement of people across the company presents serious

challenges to their business units and IT staff in safeguarding their IT assets.

Williams has been successful in following best practices in business processes

and technology to implement IT security controls across their organization.

A major factor in the complexity of managing IT security within Williams is the

necessity to comply with the mandates of the Federal Energy Regulatory

Commission (FERC). Williams chose Partners Consulting for our extensive

experience in rationalizing vision and objectives and fusing identity

management technology with business processes to solve challenges with

regulatory compliance and operational efficiency.

Challenges

One major challenge is in ensuring accounts are properly managed as they

move in and out of regulated and non-regulated business units. To prevent

conflicts of interest and opportunity for fraudulent activities, FERC regulations

forbid individuals from occupying positions or accessing systems in both

business units at the same time.

As employees and contractors move across the organization, proper record

keeping of transactions and approvals for access granted must be maintained

as well as the account histories for each system account assigned to an

individual. In the event those users return to an area of the business they once

belonged to, the ideal scenario is to re-enable previous accounts. Manual

efforts to manage a workforce in this way with thousands of people are

typically ineffective.

Solution

Prior to the transition to an Identity Management system, Williams relied on

manual account management and help desk call centers to assist users with

routine account management functions. With Partners’ assistance, Williams

was able to convert their business processes into an automated system and

integrate with key systems for automated account management.

Williams leveraged Partners to take on the difficult challenge of mapping out

the processes that result from changes within their ERP system and how they

affect key enterprise systems and network accounts. The team then used

those processes as the baseline for optimization and integration to the

automated account management system.

CASE STUDY

Page 2: Case Study: FERC & IDM

Results

Implementation of the Identity Management (IdM) system has enabled Williams

to put in place a scalable infrastructure platform to address many of their

challenges in managing accounts across their enterprise. This best practice

approach of leveraging our services has resulted in the following benefits:

Compliance with FERC mandates as it relates to account management

is now built into the automated processes; End user productivity is no

longer affected by efforts to ensure compliance with separation of

concerns

All activities such as account movement, access assignment, and

manager approvals are logged and an audit trail is created to

document each transaction for recordkeeping and retrieval

Williams greatly reduces the opportunity for human error by relying on

rules, workflows, and configurations to accurately execute their

business processes and requirements for account management

For the parts of the organization that serve the others, SLA’s are

important for both goal setting and customer satisfaction. Williams has

been able to eliminate many of their SLA’s by virtue of some processes

being instantaneous rather than taking several days before their

Identity Management system was in place

Help desk calls for password resets and account lockouts previously

made up 30% of their calls and have been significantly reduced for all

systems now integrated into the platform

Especially important to the regulated business units is the new Identity

Management system provides the ability for Williams to be able to lock

down accounts immediately

Account manipulations directly on systems and outside the IdM system

are easily identified and notifications are sent to IT security for

immediate investigation; thus enabling prevention of accidental system

misuse or intentional security attacks.

About Us

Partners delivers this level of value with all of our clients using our experience

and knowledge of the domain as well as our proven 5DMethodology™ for

ensuring success. We are recognized leaders in the Identity and Access

Governance space with service offerings that range from defining a corporate

vision to full implementation to supporting an operational program.

For more information visit our website: www.partnersconsulting.com

www.partnersconsulting.com | 1(866) 736.5500

http://www.partnersconsulting.com/

Electric FERC

Electric FERC

cara permanen idm

cara permanen idm

Idm Environment

Idm Environment

Mobile IDM

Mobile IDM

IDM concepts

IDM concepts

FERC FINANCIAL REPORT FERC FORM No. 1 ... - Florida. PSC

FERC FINANCIAL REPORT FERC FORM No. 1 ... - Florida. PSC

Idm Workshop

Idm Workshop

IDM Introduction

IDM Introduction

IDM Security Guide

IDM Security Guide

Athento iDM

Athento iDM

IDM table form - BuildingSMARTiug.buildingsmart.org/idms/overview/IDM table form 2012 10 09.pdf · IDM Registration form Auto ID 1 ID used in the IDM Name of the IDM Controls Engineering

IDM table form - BuildingSMARTiug.buildingsmart.org/idms/overview/IDM table form 2012 10 09.pdf · IDM Registration form Auto ID 1 ID used in the IDM Name of the IDM Controls Engineering

Catalogo idm

Catalogo idm

FERC Staff Presentation for OPUC Transmission WorkshopJan 17, 2018  · FERC Staff Presentation for OPUC Transmission Workshop. January 17, 2018. FERC Staff disclaimer: All FERC presenters

FERC Staff Presentation for OPUC Transmission WorkshopJan 17, 2018  · FERC Staff Presentation for OPUC Transmission Workshop. January 17, 2018. FERC Staff disclaimer: All FERC presenters

The IDM Manual Reports on Using the IDM

The IDM Manual Reports on Using the IDM

SUPERBIKE-IDM V5-Schleiz - …resultscdn.getraceresults.com/idm/2016/IDM/SUPERBIKE-IDM V5...2 G320 Harald Kitsch Kawasaki GPZ 1100 1:42.805 ... 6 G66 Marc Imroth Kawasaki GPZ 1100

SUPERBIKE-IDM V5-Schleiz - …resultscdn.getraceresults.com/idm/2016/IDM/SUPERBIKE-IDM V5...2 G320 Harald Kitsch Kawasaki GPZ 1100 1:42.805 ... 6 G66 Marc Imroth Kawasaki GPZ 1100

foX Trekker PC Based Portable X-ray Inspection System ... · WF-IDM- 013 WBA-pp_ 01 SC-IDM- A30 SC-IDM- A31 SC-IDM- 068 SC-IDM- 056 SC-IDM- 057 SC-IDM- 115 SC-IDM- 062 SC-IDM- 069

foX Trekker PC Based Portable X-ray Inspection System ... · WF-IDM- 013 WBA-pp_ 01 SC-IDM- A30 SC-IDM- A31 SC-IDM- 068 SC-IDM- 056 SC-IDM- 057 SC-IDM- 115 SC-IDM- 062 SC-IDM- 069

Jnofflclal FERC-Generated PDF of 20050919-0149 …€¦ · Jnofflclal FERC-Generated PDF of 20050919-0149 Received by FERC ... Tacoma Power's Narrows Tidal ... Jnofflclal FERC-Generated

Jnofflclal FERC-Generated PDF of 20050919-0149 …€¦ · Jnofflclal FERC-Generated PDF of 20050919-0149 Received by FERC ... Tacoma Power's Narrows Tidal ... Jnofflclal FERC-Generated

FERC - Letter

FERC - Letter

FERC Update

FERC Update

NERC & FERC

NERC & FERC