ZIM Streamlines Segregation of Duties and Increases Control Over Authorizations with Appsian Security’s ProfileTailor GRC Suite

Background

ZIM operates over 100 management systems spread across the company’s global offices. Each system has multiple users running numerous applications, all consisting of different authorization systems.

Results

In 2009, ZIM started a large-scale global rollout project, requiring a solution that would enable them to control authorizations over their different systems. The extent of the project required a dedicated Change Management team, which investigated authorizations, roles, and users per each country. There was also a need to map the process via local agencies and regional/global authorization managers.

Results: ZIM implemented ProfileTailor GRC, enabling centralized control over global authorizations in ZIM’s complex, multi-system environment. In addition, Employee Cards were produced, consisting of all authorizations on all applications from a single point of view, visible to relevant managers in every location.

Challenge (2010): The following year, ZIM required a solution that would support the process of authorization request and enable them to easily comply with SoD rules.

Results: Seamless integration of Appsian’s solution into ZIM’s BMC Remedy system. Potential SoD violations were identified at the preliminary stage of requesting authorizations. The proactive identification of SoD violations saved ZIM valuable resources, as many issues were avoided to begin with.

Challenge (2011): ZIM wanted to better handle their authorization review process.

Results: ProfileTailor GRC provided an automated authorization review process, saving overhead expenses and efficiently preparing ZIM for successful audit inspections.

Challenge (2012): ZIM was seeking to control the access of IT teams into production systems.

Results: ProfileTailor GRC enabled continuous monitoring of users in production environment, with roles allocated temporarily, and only for the purpose of specific tasks.

Benefits

• Appsian’s ProfileTailor GRC suite was implemented rapidly and didn’t require any changes to monitored systems.
• ProfileTailor GRC enabled centralized control over global authorizations in ZIM’s complex, multisystem environment.

“Our long-term relationship with Appsian Security started as we entered into a very large global rollout project; ever since we have been enjoying the company’s products and innovations. Using ProfileTailor GRC,we have achieved full control over our global, multi-system and widespread authorization layout, as well as improved the efficiency of GRC compliance. Recently we were introduced to Appsian’s automated authorization solutions, which significantly reduce manual effort and related cost.”