provided by: 
Originally published at Internet.comThe flagship offering from Aveksa is the Aveksa Compliance Manager; and, as its name implies, it provides security and compliance administrators with a platform that enables them to verify the security compliance of their organization by examining and certifying that the rights and entitlements of individuals across their organization are in line with defined policies. The vendor bills the platform as enabling compliance managers to meet the requirements of Sarbanes Oxley, HIPAA, GLBA, Basel II and other regulations.
At the core of the Aveksa platform is a unification engine that automatically collects identity and rights information for users across the organization, information that can be spread across multiple platforms-including mainframe, midrange, and PC platforms-as well as applications, file systems, and resources such as SAP, Oracle Financials, PeopleSoft, LDAP-based directories, ACF/2, RACF, TopSecret, and AS/400. This information is collected and transfered to the platform's data mart, where it is normalized such that the users, roles, and entitlements granted are correlated for further analysis and reporting.
It is this collected and normalized data that then serves as the basis of the platform's compliance management features; capabilities which include:
- Regular entitlement reviews and certifications, based on customized workflows and incorporating defined business rules and control objectives
- Reporting; including the analysis of user identities, entitlements, and roles
- Exception management; further customized remediation workflows that can be triggered by business rules
- Roles-based dashboards for security delegation
The platform can operate as a stand alone tool, or in combination with existing IT governance, risk and compliance platforms. According to the vendor, Aveksa Compliance Manager can be directly integrated with such platforms.
Contact the vendor for further information.Author: EITPlanet Staff
Read article at Internet.com site