Case Study: FERC & IDM
-
Upload
jayallen77 -
Category
Business
-
view
259 -
download
2
Transcript of Case Study: FERC & IDM
FERC Compliance and Identity Management
Using Identity Management technology to automate compliance with
FERC regulations
Williams Companies (NYSE: WMB) is an integrated natural gas company with
interests across the US and abroad. As with many large corporations,
managing the movement of people across the company presents serious
challenges to their business units and IT staff in safeguarding their IT assets.
Williams has been successful in following best practices in business processes
and technology to implement IT security controls across their organization.
A major factor in the complexity of managing IT security within Williams is the
necessity to comply with the mandates of the Federal Energy Regulatory
Commission (FERC). Williams chose Partners Consulting for our extensive
experience in rationalizing vision and objectives and fusing identity
management technology with business processes to solve challenges with
regulatory compliance and operational efficiency.
Challenges
One major challenge is in ensuring accounts are properly managed as they
move in and out of regulated and non-regulated business units. To prevent
conflicts of interest and opportunity for fraudulent activities, FERC regulations
forbid individuals from occupying positions or accessing systems in both
business units at the same time.
As employees and contractors move across the organization, proper record
keeping of transactions and approvals for access granted must be maintained
as well as the account histories for each system account assigned to an
individual. In the event those users return to an area of the business they once
belonged to, the ideal scenario is to re-enable previous accounts. Manual
efforts to manage a workforce in this way with thousands of people are
typically ineffective.
Solution
Prior to the transition to an Identity Management system, Williams relied on
manual account management and help desk call centers to assist users with
routine account management functions. With Partners’ assistance, Williams
was able to convert their business processes into an automated system and
integrate with key systems for automated account management.
Williams leveraged Partners to take on the difficult challenge of mapping out
the processes that result from changes within their ERP system and how they
affect key enterprise systems and network accounts. The team then used
those processes as the baseline for optimization and integration to the
automated account management system.
CASE STUDY
Results
Implementation of the Identity Management (IdM) system has enabled Williams
to put in place a scalable infrastructure platform to address many of their
challenges in managing accounts across their enterprise. This best practice
approach of leveraging our services has resulted in the following benefits:
Compliance with FERC mandates as it relates to account management
is now built into the automated processes; End user productivity is no
longer affected by efforts to ensure compliance with separation of
concerns
All activities such as account movement, access assignment, and
manager approvals are logged and an audit trail is created to
document each transaction for recordkeeping and retrieval
Williams greatly reduces the opportunity for human error by relying on
rules, workflows, and configurations to accurately execute their
business processes and requirements for account management
For the parts of the organization that serve the others, SLA’s are
important for both goal setting and customer satisfaction. Williams has
been able to eliminate many of their SLA’s by virtue of some processes
being instantaneous rather than taking several days before their
Identity Management system was in place
Help desk calls for password resets and account lockouts previously
made up 30% of their calls and have been significantly reduced for all
systems now integrated into the platform
Especially important to the regulated business units is the new Identity
Management system provides the ability for Williams to be able to lock
down accounts immediately
Account manipulations directly on systems and outside the IdM system
are easily identified and notifications are sent to IT security for
immediate investigation; thus enabling prevention of accidental system
misuse or intentional security attacks.
About Us
Partners delivers this level of value with all of our clients using our experience
and knowledge of the domain as well as our proven 5DMethodology™ for
ensuring success. We are recognized leaders in the Identity and Access
Governance space with service offerings that range from defining a corporate
vision to full implementation to supporting an operational program.
For more information visit our website: www.partnersconsulting.com
www.partnersconsulting.com | 1(866) 736.5500