Remediation is the action taken after reconciliation when an account and entitlements in IDM do not match profile and permissions in the target system.
After Reconciliation, when a discrepancy is identified, one of the following actions are taken
Grant entitlements to match the target system
Revoke access from target system
Revoke access from target system after approval from business owner
Initiate a certification process
Notify business and IT owner
Authorized Vs Actuals
Shield systems from easily avoidable excess account and permission grants. Identify accounts created out of process and remediate them swiftly.
Closed Loop Authorization
Ensure that policies are enforced as digital identities are consumed across a variety of target systems. Replace inefficient manual workflows of cleanup excess privileges with automation of reconciliation and remediation.